tinyurl.com Open in urlscan Pro
2606:4700:10::6814:8b41  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://tinyurl.com/ HTTP 307
   https://tinyurl.com/ HTTP 302
   https://tinyurl.com/app Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

• https://rtb.gumgum.com/getuid/szurmxm0?r=https%3A%2F%2Fc.deployads.com%2Fcs%2FGUMG%3Fb%3D HTTP 302
• https://c.deployads.com/cs/GUMG?b=e_67e2c6ac-1090-4d88-b845-d2c8af85b4ef

Request Chain 19

• https://pixel.advertising.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://pixel.advertising.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 HTTP 302
• https://ups.analytics.yahoo.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2&verify=true HTTP 302
• https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2

Request Chain 20

• https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=cc909151-6d10-11eb-88bc-1d7abbad3306 HTTP 302
• https://c.deployads.com/cs/SPTX?uid=cc909110-6d10-11eb-88bc-1d7abbad3306

Request Chain 21

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
• https://c.deployads.com/cs/TTD?b=7da1cf18-ec46-4a64-a87a-52f2fe491b37

Request Chain 22

• https://sync.1rx.io/usersync2/sortable HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5730435290 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/7da1cf18-ec46-4a64-a87a-52f2fe491b37 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2Fr1%3Fb%3DRX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 HTTP 302
• https://c.deployads.com/cs/r1?b=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003

Request Chain 89

• https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9fef7587-7b96-4567-b7a2-c04de3060a11

Request Chain 90

• https://a.tribalfusion.com/i.match?p=b22&u=18072662212919638292&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662212919638292

Request Chain 91

• https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662212919638292 HTTP 302
• https://a.tribalfusion.com/i.match?p=b23&u=165000903695000329719

Request Chain 92

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662212919638292%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662212919638292%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662212919638292&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b11&u=88FA3C36-4DD8-4F55-9403-8A8D2CDC8956

Request Chain 93

• https://tags.bluekai.com/site/4229?id=18072662212919638292&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
• https://a.tribalfusion.com/i.match?p=b3&u=hHWVBx9999OcD0jQ

Request Chain 94

• https://pixel.advertising.com/ups/57628/sync?uid=18072662212919638292&_origin=1&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662212919638292&_origin=1&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 HTTP 302
• https://a.tribalfusion.com/i.match?p=b17&u=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2

Request Chain 95

• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662212919638292&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
• https://a.tribalfusion.com/i.match?p=b19&u=cc909110-6d10-11eb-88bc-1d7abbad3306

Request Chain 96

• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662212919638292&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662212919638292&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&C=1 HTTP 302
• https://a.tribalfusion.com/i.match?p=b20&u=YCZDwp0JL2lZJncdoX8FhAAA

Request Chain 97

• https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662212919638292&redirectId=1001 HTTP 302
• https://a.tribalfusion.com/i.match?p=b21&u=178348668527c9a76e55a343dc2ab0

Request Chain 98

• https://a.tribalfusion.com/i.match?p=b10&u=18072662212919638292&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662212919638292&expires=180

Request Chain 99

• https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662212919638292 HTTP 302
• https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOVXx70mZxJDybie0D1YIOI&google_cver=1&google_ula=2786954,0

Request Chain 100

• https://a.tribalfusion.com/i.match?p=b24&u=18072662212919638292&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662212919638292

Request Chain 107

• https://pixel.advertising.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 HTTP 302
• https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2

Request Chain 108

• https://sync.1rx.io/usersync2/sortable HTTP 302
• https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003&rndcb=6173766449 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003&rndcb=6173766449 HTTP 302
• https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 HTTP 302
• https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e7684c8b-1b5b-46b0-8570-88af6d14add4&user_group=1&ssp=adconductor&bsw_param=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 HTTP 302
• https://sync.1rx.io/usersync/bidswitch/66a1f280-7937-4098-9d7b-7c6d1e38c7e5?gdpr=&gdpr_consent= HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003

Request Chain 110

• https://eb2.3lift.com/sync HTTP 302
• https://eb2.3lift.com/sync?&ld=1

Request Chain 112

• https://eb2.3lift.com/sync HTTP 302
• https://eb2.3lift.com/sync?&ld=1

Request Chain 117

• https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0 HTTP 302
• https://c.deployads.com/cs/QANT?gdpr=1&b=y1JjDclRMgjQATIKylJ8C8lbMA3QVmEOxFOrO2XS

Request Chain 118

• https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=66a1f280-7937-4098-9d7b-7c6d1e38c7e5&google_hm=NjZhMWYyODAtNzkzNy00MDk4LTlkN2ItN2M2ZDFlMzhjN2U1 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAU2sOMHoVGH-vxeRpFNCEI&google_cver=1&ssp=sonobi&bsw_param=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=66a1f280-7937-4098-9d7b-7c6d1e38c7e5

Request Chain 119

• https://secure.adnxs.com/getuid?https://c.deployads.com/cs/XNDR?b=$UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc.deployads.com%2Fcs%2FXNDR%3Fb%3D%24UID HTTP 302
• https://c.deployads.com/cs/XNDR?b=5433066005356494175

Request Chain 120

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=td&nuid=7da1cf18-ec46-4a64-a87a-52f2fe491b37&pubid=fb9580c293

Request Chain 121

• https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003&rndcb=1815365019 HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor HTTP 302
• https://x.bidswitch.net/sync?dsp_id=70&user_id=3479210181133611694&ssp=adconductor HTTP 302
• https://sync.1rx.io/usersync/bidswitch/66a1f280-7937-4098-9d7b-7c6d1e38c7e5?gdpr=&gdpr_consent= HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003

Request Chain 122

• https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=83956026-43c3-4200-a624-eddb0ee69e0e

Request Chain 123

• https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827868498763756

Request Chain 128

• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 129

• https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D

Request Chain 131

• https://pr-bh.ybp.yahoo.com/sync/triplelift/3000524416463435143?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883

Request Chain 132

• https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 133

• https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3000524416463435143 HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t

Request Chain 134

• https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 139

• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 140

• https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D

Request Chain 142

• https://pr-bh.ybp.yahoo.com/sync/triplelift/3000524416463435143?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883

Request Chain 143

• https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 144

• https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3000524416463435143 HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t

Request Chain 145

• https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request app Show response tinyurl.com/ Redirect Chain http://tinyurl.com/ https://tinyurl.com/ https://tinyurl.com/app	4 KB 3 KB	506ms 506ms	Document text/html	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24 Resource Hash 5107a29793400c1e9be7c6e0f18cb688443d99cc90c8a5364184415ad982a3c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers :method GET :authority tinyurl.com :scheme https :path /app pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=dfded23544db78e55e2fa1f12ad8649891613120446; XSRF-TOKEN=eyJpdiI6IndjZDhpdHRUT1pSbU00MFpET3NCbkE9PSIsInZhbHVlIjoiMHk3YmRhditjVXBkNTV4WmYrVmFROGhSRTVVU3M4cEh6MTdSQU1DemE2Yng3WEVkRDkxdnVOcWppTzRvU2I1UldXU29Cb1ZScDA5WFwvRmlSZnp5VzQ5amQzODBuWkhcL1pqQVRCK0FJQWlVNHE2OEQ3TXBGVE1lWHd0WHN6QmI4SSIsIm1hYyI6IjVlM2M3ZDUwNmYyN2RmNTA0NDU1NzRhODU0NGMzZDhiNzYyZmRlMjRlZGQyYjc5NGM3MjA3NmUyZmIzMmNkMGEifQ%3D%3D; tinyurl_session=eyJpdiI6IjJqN2c1MXFybDk0RXpNUWUyRXhtdHc9PSIsInZhbHVlIjoiVGZRYTBKUWt6dzF2S0I0XC93a1gwelVmaW1IaTcydkRCUmpralwvZk9QVUcwaGx1TU5SMXF2YldFcnNnVkFXMDJBSG91TVVpa2xXc2lhVDV0a3FmZmNEUTRzSXZaSkx1UUsrMWhpakFTVGtINWI3a1FwV3phZ2tDcTNwV1wvaFVEQ0giLCJtYWMiOiJkMTBjNjUwNzc0NWFlYzI2OThmNzBhZTFlYzljZWIzNWI4ZjlmZGRkMDcyYWViNGU4ZTdiYTc5ZjBhNGRlZmYzIn0%3D; tinyUUID=02643c5277410000000000002d727764; early-access=yes%7C2021-02-12T09%3A00%3A47.161%2B00%3A00 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:47 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.24 cache-control max-age=0, private content-language en x-frame-options SAMEORIGIN set-cookie XSRF-TOKEN=eyJpdiI6IitGTG5MZXJMbGdKVTdMTEFVdFQ2NVE9PSIsInZhbHVlIjoiZU02XC8wZ3VPUHNXZWorS2RxSGtEcURtdTd1ZVRPSWorYmlYV0R6aktvQStQbDh3aERKOEl6c0VlZCtSekk3c055cXI0dCtLcnZpR1lPQWF1eXNlZ05RMXM3M053UzJPRGZJcVhWVHdySzJDU25NcjZseXJKOEVmTWVTZCtQN2lmIiwibWFjIjoiNTk3N2ExOTMyYzg5ZTdiNjJkMDRlZjk3OTQyZjMyMzQ0NWRkYmM2NGViNzk2YmVjOGVmMzJlOTRhMzg5MjVmYyJ9; expires=Fri, 12-Feb-2021 11:00:47 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax tinyurl_session=eyJpdiI6IjN6NlwvdGRkZTl6MUVoQVRvazJLY1wvZz09IiwidmFsdWUiOiJ2Q0FcL3hJbGdyNVRBdHFqczFFTWFMbmRBdjRhMUplcWlUelVJdHR0NGZ6Z1o1WUUwcGhiZGRkOFBiMVdKRUV6bzhqS3BzMlR3c2kyVFZ5MXBcLzJoRk5uaytYUStSK1pmRG1iTHhwU3pjWXM5aFwvbnkzbm9oTEplbnJweWlKRUZDVCIsIm1hYyI6IjVlZTg3OGU5MGU3N2FmMWJjOGM2M2UzZGI2ODIwN2VkM2JmOTQ4NmNkYjQxMGMwMjY5YWYwZTk5NGYwZTc2NTIifQ%3D%3D; expires=Fri, 12-Feb-2021 11:00:47 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC cf-request-id 083711bb1c00006467bcbfe000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f0b58306467-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Fri, 12 Feb 2021 09:00:47 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dfded23544db78e55e2fa1f12ad8649891613120446; expires=Sun, 14-Mar-21 09:00:46 GMT; path=/; domain=.tinyurl.com; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IndjZDhpdHRUT1pSbU00MFpET3NCbkE9PSIsInZhbHVlIjoiMHk3YmRhditjVXBkNTV4WmYrVmFROGhSRTVVU3M4cEh6MTdSQU1DemE2Yng3WEVkRDkxdnVOcWppTzRvU2I1UldXU29Cb1ZScDA5WFwvRmlSZnp5VzQ5amQzODBuWkhcL1pqQVRCK0FJQWlVNHE2OEQ3TXBGVE1lWHd0WHN6QmI4SSIsIm1hYyI6IjVlM2M3ZDUwNmYyN2RmNTA0NDU1NzRhODU0NGMzZDhiNzYyZmRlMjRlZGQyYjc5NGM3MjA3NmUyZmIzMmNkMGEifQ%3D%3D; expires=Fri, 12-Feb-2021 11:00:47 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax tinyurl_session=eyJpdiI6IjJqN2c1MXFybDk0RXpNUWUyRXhtdHc9PSIsInZhbHVlIjoiVGZRYTBKUWt6dzF2S0I0XC93a1gwelVmaW1IaTcydkRCUmpralwvZk9QVUcwaGx1TU5SMXF2YldFcnNnVkFXMDJBSG91TVVpa2xXc2lhVDV0a3FmZmNEUTRzSXZaSkx1UUsrMWhpakFTVGtINWI3a1FwV3phZ2tDcTNwV1wvaFVEQ0giLCJtYWMiOiJkMTBjNjUwNzc0NWFlYzI2OThmNzBhZTFlYzljZWIzNWI4ZjlmZGRkMDcyYWViNGU4ZTdiYTc5ZjBhNGRlZmYzIn0%3D; expires=Fri, 12-Feb-2021 11:00:47 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax tinyUUID=02643c5277410000000000002d727764; expires=Wed, 11-Feb-2026 09:00:47 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; samesite=lax early-access=yes%7C2021-02-12T09%3A00%3A47.161%2B00%3A00; expires=Wed, 11-Feb-2026 09:00:47 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; samesite=lax x-powered-by PHP/7.3.24 cache-control max-age=600, public location https://tinyurl.com/app content-language en x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC cf-request-id 083711b91500006467d7123000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f082f4e6467-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	front.js Show response tinyurl.com/js/	751 KB 235 KB	26ms 24ms	Script text/javascript	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/js/front.js?id=2ed57c621f54575cdfcb Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2e947c069c465a2453ff8c7b3fef1155be9a7de6a6340cc4d48bbdb79b55d0c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:47 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 10 Feb 2021 11:59:53 GMT server cloudflare age 7104 etag W/"2574080358" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=14400 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 62051f0e993b6467-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 083711bd1b00006467b829e000000001
GET H2	200	fontawesome-webfont.woff2 tinyurl.com/fonts/	75 KB 76 KB	19ms 18ms	Font application/octet-stream	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Origin https://tinyurl.com Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:47 GMT cf-cache-status HIT server cloudflare age 7104 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/octet-stream cache-control max-age=14400 strict-transport-security max-age=31536000; includeSubDomains; preload accept-ranges bytes cf-ray 62051f0e993c6467-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 cf-request-id 083711bd1b00006467b9a70000000001
GET H2	200	front.css tinyurl.com/css/	421 KB 68 KB	29ms 28ms	Stylesheet text/css	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/css/front.css?id=e9ec8010573ea46fdc05 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04a64b418c78dcb41b72dfa6853a8cfb4c9977524e9b7e13d5b95d765029b6fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Origin https://tinyurl.com Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:47 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 10 Feb 2021 11:59:53 GMT server cloudflare age 7104 etag W/"583031694" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=14400 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 62051f0e993d6467-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 083711bd1c00006467c68d7000000001
GET H2	200	css2 fonts.googleapis.com/	1 KB 505 B	35ms 15ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Bungee&display=swap Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ba4da86694cc76aa74b7cda64d80c1571c5356f6499614a3a830a571085f0188 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Origin https://tinyurl.com Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 12 Feb 2021 09:00:47 GMT server ESF date Fri, 12 Feb 2021 09:00:47 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 12 Feb 2021 09:00:47 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 999 B	34ms 14ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat&display=swap Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dd4637feac159f8b59833e72839ea36cfa44d0def0007e8ef4d3a31a43a8d5d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Origin https://tinyurl.com Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 12 Feb 2021 08:30:41 GMT server ESF date Fri, 12 Feb 2021 09:00:47 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 12 Feb 2021 09:00:47 GMT
GET H/1.1	200 OK	mapi.js Show response apis.malcolm.app/	54 KB 11 KB	249ms 100ms	Script text/javascript	52.31.226.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apis.malcolm.app/mapi.js?id=n9sEghF2ZC Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.226.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-226-39.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 626d48dc49f5cb9864c48d30565e4f93a7d30972d0fa89e6be892c62e060b260 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Feb 2021 09:00:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection Keep-Alive Content-Length 10077 X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 11 Feb 2021 16:53:30 GMT Server Apache ETag "Ym1I3En1y5hkxI0wVl5Pk6fTCXLQ+onmvoksYuBgsmA=-gzip" Vary Accept-Encoding,User-Agent Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/javascript;charset=UTF-8 Cache-Control public Accept-Ranges bytes Keep-Alive timeout=2, max=500
GET H/1.1	200 OK	tinyurl.com.js Show response tags-cdn.deployads.com/a/	458 KB 143 KB	93ms 28ms	Script text/javascript	143.204.209.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags-cdn.deployads.com/a/tinyurl.com.js Requested by Host: tinyurl.com URL: https://tinyurl.com/js/front.js?id=2ed57c621f54575cdfcb Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.209.95 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-209-95.fra53.r.cloudfront.net Software Jetty(9.4.22.v20191022) / Resource Hash d4a92137f3de6d051fb8a6494aa59aff8c498270bc4319f25d505f629496fffa Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Fri, 12 Feb 2021 08:42:22 GMT Content-Encoding gzip Connection keep-alive Last-Modified Fri, 12 Feb 2021 08:42:22 UTC Server Jetty(9.4.22.v20191022) Age 1106 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront) Cache-Control max-age=1800, public X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id EGSViXrQOrySQScodUmqxQfbW-vCHANuhD4DdSgep3ago0tsqbLLJw== Expires Fri, 12 Feb 2021 09:12:22 UTC
GET H2	200	check.svg tinyurl.com/images/home/	343 B 348 B	19ms 18ms	Image image/svg+xml	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tinyurl.com/images/home/check.svg Requested by Host: tinyurl.com URL: https://tinyurl.com/css/front.css?id=e9ec8010573ea46fdc05 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a3c3d3e458b63970d5581f74e5b165ea1c13347810bcc35b0ccc9dee521b573 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tinyurl.com/css/front.css?id=e9ec8010573ea46fdc05 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:47 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 10 Feb 2021 11:59:53 GMT server cloudflare age 5796 etag W/"253009897" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control max-age=14400 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 62051f0fb97d6467-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 083711bdd000006467b78b2000000001
GET H2	200	N0bU2SZBIuF2PU_0DXR1C9zfmQ.woff2 fonts.gstatic.com/s/bungee/v6/	13 KB 13 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1C9zfmQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Bungee&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a6fa9c0bff8a90c72659391b130bbdb1ecb554c449d2577d60244d1678401ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://tinyurl.com Referer https://fonts.googleapis.com/css2?family=Bungee&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 11 Feb 2021 09:20:02 GMT x-content-type-options nosniff last-modified Tue, 01 Sep 2020 03:47:57 GMT server sffe age 85245 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13004 x-xss-protection 0 expires Fri, 11 Feb 2022 09:20:02 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 fonts.gstatic.com/s/montserrat/v15/	13 KB 13 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://tinyurl.com Referer https://fonts.googleapis.com/css2?family=Montserrat&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 07 Feb 2021 15:30:55 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:14 GMT server sffe age 408592 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13708 x-xss-protection 0 expires Mon, 07 Feb 2022 15:30:55 GMT
GET H/1.1	200 OK	mapi.css apis.malcolm.app/	106 KB 8 KB	92ms 92ms	Stylesheet text/css	52.31.226.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apis.malcolm.app/mapi.css?id=tinyurl Requested by Host: apis.malcolm.app URL: https://apis.malcolm.app/mapi.js?id=n9sEghF2ZC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.226.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-226-39.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash e328e4c35d06be0c5daeb304915dfba4a25378ce1912650314f6a707a9f19f86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Feb 2021 09:00:48 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection Keep-Alive Content-Length 7226 X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 11 Feb 2021 16:53:31 GMT Server Apache ETag "4yjkw10GvgxdrrMEkV37pKJTeM4ZEmUDFPanB6nxn4Y=-gzip" Vary Accept-Encoding,User-Agent Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css;charset=UTF-8 Cache-Control public Accept-Ranges bytes Keep-Alive timeout=2, max=499
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	57 KB 19 KB	115ms 58ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash c3c83e52e5eda402864c282781c047a05a6ca5e79817aa6199c3fb8235d77f25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:48 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "781 / 879 of 1000 / last-modified: 1613085103" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19534 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:48 GMT
GET H2	200	sync Show response c.deployads.com/	466 B 654 B	143ms 53ms	XHR application/json	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/sync?u=https%3A%2F%2Ftinyurl.com%2Fapp&s=tinyurl.com&g=0&cc=0&cs=&client_build=20284 Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash ea235f11691e3d72a75f33d89a1e973a1a0b0f4804461133a2580d0651045957 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT server SortableCactus/1.0 content-type application/json access-control-allow-origin https://tinyurl.com cache-control no-cache access-control-allow-credentials true content-length 466
GET H3-Q050	200	css fonts.googleapis.com/	154 KB 6 KB	27ms 27ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Arimo:300,400,500,600,700|Lato:300,400,500,600,700|Lora:300,400,500,600,700|Montserrat:300,400,500,600,700|Merriweather:300,400,500,600,700|Merriweather+Sans:300,400,500,600,700|Muli:300,400,500,600,700|Noto+Sans:300,400,500,600,700|Noto+Serif:300,400,500,600,700|Nunito:300,400,500,600,700|Nunito+Sans:300,400,500,600,700|Open+Sans:300,400,500,600,700|Oswald:300,400,500,600,700|Playfair+Display:300,400,500,600,700|Poppins:300,400,500,600,700|PT+Sans:300,400,500,600,700|PT+Serif:300,400,500,600,700|Raleway:300,400,500,600,700|Roboto:300,400,500,600,700|Roboto+Mono:300,400,500,600,700|Roboto+Slab:300,400,500,600,700|Source+Sans+Pro:300,400,500,600,700|Source+Serif+Pro:300,400,500,600,700|Ubuntu:300,400,500,600,700|Ubuntu+Mono:300,400,500,600,700 Requested by Host: apis.malcolm.app URL: https://apis.malcolm.app/mapi.css?id=tinyurl Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8731100330e058da414ae1f868ee757dd1e3407d316d640e6e0df3521ef4100 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://apis.malcolm.app/mapi.css?id=tinyurl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 12 Feb 2021 09:00:48 GMT server ESF date Fri, 12 Feb 2021 09:00:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 12 Feb 2021 09:00:48 GMT
GET H/1.1	200 OK	embeds Show response apis.malcolm.app/	602 B 777 B	193ms 193ms	Script text/javascript	52.31.226.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apis.malcolm.app/embeds?id=tinyurl&url=https%3A%2F%2Ftinyurl.com%2Fapp&width=1600&callback=mapi.getEmbedsCallback Requested by Host: apis.malcolm.app URL: https://apis.malcolm.app/mapi.js?id=n9sEghF2ZC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.226.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-226-39.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash df64e8450775f06a0fcee6b5c9856286402cc4a9c9b60f050e80ed135ad0faac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Feb 2021 09:00:48 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Server Apache Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/javascript; charset=UTF-8 Cache-Control no-cache, private X-Content-Type-Options nosniff Connection Keep-Alive Vary Accept-Encoding,User-Agent Content-Length 315 X-XSS-Protection 1; mode=block Keep-Alive timeout=2, max=498
GET H3-Q050	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 fonts.gstatic.com/s/montserrat/v15/	13 KB 13 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Arimo:300,400,500,600,700|Lato:300,400,500,600,700|Lora:300,400,500,600,700|Montserrat:300,400,500,600,700|Merriweather:300,400,500,600,700|Merriweather+Sans:300,400,500,600,700|Muli:300,400,500,600,700|Noto+Sans:300,400,500,600,700|Noto+Serif:300,400,500,600,700|Nunito:300,400,500,600,700|Nunito+Sans:300,400,500,600,700|Open+Sans:300,400,500,600,700|Oswald:300,400,500,600,700|Playfair+Display:300,400,500,600,700|Poppins:300,400,500,600,700|PT+Sans:300,400,500,600,700|PT+Serif:300,400,500,600,700|Raleway:300,400,500,600,700|Roboto:300,400,500,600,700|Roboto+Mono:300,400,500,600,700|Roboto+Slab:300,400,500,600,700|Source+Sans+Pro:300,400,500,600,700|Source+Serif+Pro:300,400,500,600,700|Ubuntu:300,400,500,600,700|Ubuntu+Mono:300,400,500,600,700 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://tinyurl.com Referer https://fonts.googleapis.com/css?family=Arimo:300,400,500,600,700|Lato:300,400,500,600,700|Lora:300,400,500,600,700|Montserrat:300,400,500,600,700|Merriweather:300,400,500,600,700|Merriweather+Sans:300,400,500,600,700|Muli:300,400,500,600,700|Noto+Sans:300,400,500,600,700|Noto+Serif:300,400,500,600,700|Nunito:300,400,500,600,700|Nunito+Sans:300,400,500,600,700|Open+Sans:300,400,500,600,700|Oswald:300,400,500,600,700|Playfair+Display:300,400,500,600,700|Poppins:300,400,500,600,700|PT+Sans:300,400,500,600,700|PT+Serif:300,400,500,600,700|Raleway:300,400,500,600,700|Roboto:300,400,500,600,700|Roboto+Mono:300,400,500,600,700|Roboto+Slab:300,400,500,600,700|Source+Sans+Pro:300,400,500,600,700|Source+Serif+Pro:300,400,500,600,700|Ubuntu:300,400,500,600,700|Ubuntu+Mono:300,400,500,600,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 11 Feb 2021 12:56:44 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:07 GMT server sffe age 72244 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13640 x-xss-protection 0 expires Fri, 11 Feb 2022 12:56:44 GMT
GET H3-Q050	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2 fonts.gstatic.com/s/montserrat/v15/	13 KB 13 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Arimo:300,400,500,600,700|Lato:300,400,500,600,700|Lora:300,400,500,600,700|Montserrat:300,400,500,600,700|Merriweather:300,400,500,600,700|Merriweather+Sans:300,400,500,600,700|Muli:300,400,500,600,700|Noto+Sans:300,400,500,600,700|Noto+Serif:300,400,500,600,700|Nunito:300,400,500,600,700|Nunito+Sans:300,400,500,600,700|Open+Sans:300,400,500,600,700|Oswald:300,400,500,600,700|Playfair+Display:300,400,500,600,700|Poppins:300,400,500,600,700|PT+Sans:300,400,500,600,700|PT+Serif:300,400,500,600,700|Raleway:300,400,500,600,700|Roboto:300,400,500,600,700|Roboto+Mono:300,400,500,600,700|Roboto+Slab:300,400,500,600,700|Source+Sans+Pro:300,400,500,600,700|Source+Serif+Pro:300,400,500,600,700|Ubuntu:300,400,500,600,700|Ubuntu+Mono:300,400,500,600,700 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://tinyurl.com Referer https://fonts.googleapis.com/css?family=Arimo:300,400,500,600,700|Lato:300,400,500,600,700|Lora:300,400,500,600,700|Montserrat:300,400,500,600,700|Merriweather:300,400,500,600,700|Merriweather+Sans:300,400,500,600,700|Muli:300,400,500,600,700|Noto+Sans:300,400,500,600,700|Noto+Serif:300,400,500,600,700|Nunito:300,400,500,600,700|Nunito+Sans:300,400,500,600,700|Open+Sans:300,400,500,600,700|Oswald:300,400,500,600,700|Playfair+Display:300,400,500,600,700|Poppins:300,400,500,600,700|PT+Sans:300,400,500,600,700|PT+Serif:300,400,500,600,700|Raleway:300,400,500,600,700|Roboto:300,400,500,600,700|Roboto+Mono:300,400,500,600,700|Roboto+Slab:300,400,500,600,700|Source+Sans+Pro:300,400,500,600,700|Source+Serif+Pro:300,400,500,600,700|Ubuntu:300,400,500,600,700|Ubuntu+Mono:300,400,500,600,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 04:25:34 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:15 GMT server sffe age 16514 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13612 x-xss-protection 0 expires Sat, 12 Feb 2022 04:25:34 GMT
GET H3-Q050	200	pubads_impl_2021020901.js Show response securepubads.g.doubleclick.net/gpt/	288 KB 101 KB	107ms 73ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:48 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Feb 2021 09:41:39 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 103372 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:48 GMT
GET H2	200	GUMG Show response c.deployads.com/cs/ Frame A58F Redirect Chain https://rtb.gumgum.com/getuid/szurmxm0?r=https%3A%2F%2Fc.deployads.com%2Fcs%2FGUMG%3Fb%3D https://c.deployads.com/cs/GUMG?b=e_67e2c6ac-1090-4d88-b845-d2c8af85b4ef	43 B 302 B	44ms 43ms	Document image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/cs/GUMG?b=e_67e2c6ac-1090-4d88-b845-d2c8af85b4ef Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers :method GET :authority c.deployads.com :scheme https :path /cs/GUMG?b=e_67e2c6ac-1090-4d88-b845-d2c8af85b4ef pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers date Fri, 12 Feb 2021 09:00:48 GMT content-type image/gif content-length 43 server SortableCactus/1.0 set-cookie d7s_dc=44GUMGde_67e2c6ac-1090-4d88-b845-d2c8af85b4efA;Path=/;Expires=Sat, 12-Feb-2022 15:00:48 GMT;Max-Age=31557600;Secure;SameSite=None expires Thu, 01 Jan 1970 00:00:00 GMT cache-control no-cache pragma no-cache Redirect headers date Fri, 12 Feb 2021 09:00:48 GMT content-length 0 location https://c.deployads.com/cs/GUMG?b=e_67e2c6ac-1090-4d88-b845-d2c8af85b4ef server nginx p3p CP="This is not a P3P policy" set-cookie vst=e_67e2c6ac-1090-4d88-b845-d2c8af85b4ef; Domain=.gumgum.com; Expires=Sat, 12-Feb-2022 09:00:48 GMT; Path=/; Secure; SameSite=None content-language en-US timing-allow-origin *
GET H2	200	VZNM c.deployads.com/cs/ Redirect Chain https://pixel.advertising.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true https://pixel.advertising.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&verify=true https://ups.analytics.yahoo.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 https://ups.analytics.yahoo.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2&verify=true https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2	43 B 395 B	43ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:48 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 Connection keep-alive Content-Length 0
GET H2	200	SPTX c.deployads.com/cs/ Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=cc909151-6d10-11eb-88bc-1d7abbad3306 https://c.deployads.com/cs/SPTX?uid=cc909110-6d10-11eb-88bc-1d7abbad3306	43 B 300 B	43ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/SPTX?uid=cc909110-6d10-11eb-88bc-1d7abbad3306 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:48 GMT Server nginx Location https://c.deployads.com/cs/SPTX?uid=cc909110-6d10-11eb-88bc-1d7abbad3306 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 64 Connection keep-alive Content-Length 0
GET H2	200	TTD c.deployads.com/cs/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 https://c.deployads.com/cs/TTD?b=7da1cf18-ec46-4a64-a87a-52f2fe491b37	43 B 333 B	43ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/TTD?b=7da1cf18-ec46-4a64-a87a-52f2fe491b37 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://c.deployads.com/cs/TTD?b=7da1cf18-ec46-4a64-a87a-52f2fe491b37 cache-control private,no-cache, must-revalidate content-type text/html content-length 169
GET H2	200	r1 c.deployads.com/cs/ Redirect Chain https://sync.1rx.io/usersync2/sortable https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5730435290 https://sync.1rx.io/usersync/tradedesk/7da1cf18-ec46-4a64-a87a-52f2fe491b37 https://sync.targeting.unrulymedia.com/csync/RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2Fr1%3Fb%3DRX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 https://c.deployads.com/cs/r1?b=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003	43 B 367 B	44ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/r1?b=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:48 GMT Server Tengine ETag RXdc67583ed8ea42d7832e67208cfd5a23003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://c.deployads.com/cs/r1?b=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 Connection keep-alive Content-Type text/html
OPTIONS H2	200	v1 dmx.districtm.io/b/ Frame	0 0	81ms 37ms	Other	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Protocol H2 Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://tinyurl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers date Fri, 12 Feb 2021 09:00:48 GMT content-length 0 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS cf-request-id 083711c0340000cc3ece047000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 62051f138e0bcc3e-ZRH
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 654 B	304ms 251ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969105017575db4f32e72422f001ee&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash b068f656b47bf648f8be1ed96724ba26456a179d119df3f212444b8710ce9863 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 12 Feb 2021 09:00:48 GMT Server ATS/7.1.2.128 Age 0 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 654 B	166ms 114ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969520017575db52c1e725070101f4&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash 278b5978fb381f616f3cc9b3fb19d95e6d38d9746bd3424b8c6daafb08db1d62 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 12 Feb 2021 09:00:48 GMT Server ATS/7.1.2.128 Age 0 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 654 B	194ms 142ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash dfd9b3b2f443ea3b56f51d6b1d1e9444b1c09f66e8683ade5447292b150baada Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 12 Feb 2021 09:00:48 GMT Server ATS/7.1.2.128 Age 0 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 293 B	95ms 44ms	XHR application/json	52.57.210.202 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=4.23.0_custom&referrer=https%3A%2F%2Ftinyurl.com%2Fapp&tmax=2000 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.210.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-210-202.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT x-auction-status 12, 12 content-type application/json; charset=utf-8 access-control-allow-origin https://tinyurl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 710 B	107ms 53ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:48 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.91:80 AN-X-Request-Uuid 3fe788f3-a02a-47e6-8a8e-3da1158c3e14 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST		v1 dmx.districtm.io/b/	0 0
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 295 B	175ms 115ms	XHR application/json	184.30.21.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.21.51 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-21-51.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://tinyurl.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Fri, 12 Feb 2021 09:00:48 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 710 B	82ms 29ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:48 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.81:80 AN-X-Request-Uuid c134d6f0-cd1f-4c8d-9572-ba472bdb0034 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 352 B	151ms 54ms	XHR text/plain	3.248.44.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=4.23.0_custom&p=%5B%7B%22placement_id%22%3A%22kl229jssnjvaxx%22%2C%22callback_id%22%3A%2219c9e05bd2944ff%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%2C%5B320%2C100%5D%5D%2C%22ym_placement_id%22%3A%222352983247081644305%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fapp&bust=1613120448506&pr=https%3A%2F%2Ftinyurl.com%2Fapp&scrd=1&dnt=false&description=TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.44.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-44-9.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://tinyurl.com pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
GET H/1.1	200 OK	trinity.json Show response apex.go.sonobi.com/	693 B 2 KB	210ms 86ms	XHR application/json	178.162.133.150 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2221ec27fb699ef5d%22%3A%226998b185322cd01e15a7%7C336x280%2C300x250%2C320x100%22%2C%222247d1a475fd2f6%22%3A%226998b185322cd01e15a7%7C728x90%2C468x60%2C728x15%22%7D&ref=https%3A%2F%2Ftinyurl.com%2Fapp&s=8970e5fa-a24d-4aa5-a96b-fd52a7d83e7d&pv=fdab8597-f502-4b86-a334-5bfb54db379a&vp=desktop&lib_name=prebid&lib_v=4.23.0_custom&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-apex.go.sonobi.com Software sonobi-go / Resource Hash 6585c9fb6ab0ac66c20d8c1885451dfe9ec2f508ea8b8cb94f86e838c0e3db91 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:48 GMT Content-Encoding gzip Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server apex-ams-1-6-10 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-cache, no-store, private Access-Control-Allow-Credentials true Tcn Choice Content-Type application/json Content-Length 425 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	auction Show response c.deployads.com/openrtb2/	526 B 885 B	151ms 150ms	XHR application/json	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/openrtb2/auction?src=prebid_prebid_4.23.0_custom&host=tinyurl.com Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash efa6888692072fe0fba6420d0f7c094fb0846c79c8ce7e7cb3f64353a1e38a41 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT server SortableCactus/1.0 content-type application/json access-control-allow-origin https://tinyurl.com cache-control no-cache access-control-allow-credentials true content-length 526 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.ch/adsid/	109 B 803 B	49ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=tinyurl.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 169 B	28ms 27ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=tinyurl.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	10 KB 4 KB	71ms 70ms	XHR text/plain	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=345988286580353&correlator=1475235389116068&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C31060020&vrg=2021020901&ptt=17&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210212&iu_parts=1966186%2CPub_tinyurl.com_300x250_336x280_300x600%2CPub_tinyurl.com_970x90_970x250_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%7C300x250%7C320x100%2C728x90%7C468x60%7C728x15&prev_scp=v%3D1%2C4%26u%3D3y2%26sdbg%3D1%26st%3D3%2C8%7Cv%3D1%2C4%26u%3D6kg%26sdbg%3D1%26st%3D3%2C8&cust_params=pt%3Dapp%26ab%3D1a%26pm%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1613120448&dt=1613120448829&dlt=1613120447767&idt=658&frm=20&biw=1600&bih=1200&oid=3&adxs=942%2C50&adys=75%2C748&adks=3694741796%2C42115649&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftinyurl.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=510x-1%7C1530x-1&msz=480x-1%7C1500x-1&ga_vid=414947259.1613120449&ga_sid=1613120449&ga_hid=258872529&fws=4%2C4&ohw=510%2C1600 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash a3f0cc5d395f654feabdc7f47f228f2a10713b42317cb006ce1417257c9c8380 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:48 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4070 x-xss-protection 0 google-lineitem-id 4348201566,4348201566 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138203891604,138203891592 content-type text/plain; charset=UTF-8 access-control-allow-origin https://tinyurl.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html a2bdf2f0e07396737f2edb33be72efc2.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	46ms 14ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a2bdf2f0e07396737f2edb33be72efc2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	6ms 6ms	Other text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 654 B	106ms 105ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash 9c33c22d59c0b4a7b0e83f3278bc95f5c03d0c146f73378666498c75e10077f7 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 12 Feb 2021 09:00:49 GMT Server ATS/7.1.2.128 Age 1 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 359 B	60ms 59ms	XHR application/json	184.30.21.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.21.51 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-21-51.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://tinyurl.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Fri, 12 Feb 2021 09:00:48 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 711 B	36ms 36ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:48 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.103:80 AN-X-Request-Uuid 6728446f-13bc-4295-b82b-f2dbad9061f9 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 276 B	38ms 38ms	XHR application/json	52.57.210.202 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=4.23.0_custom&referrer=https%3A%2F%2Ftinyurl.com%2Fapp&tmax=2000 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.210.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-210-202.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT x-auction-status 12 content-type application/json; charset=utf-8 access-control-allow-origin https://tinyurl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 351 B	57ms 56ms	XHR text/plain	3.248.44.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=4.23.0_custom&p=%5B%7B%22placement_id%22%3A%22ad-kl229kdifjuojf%22%2C%22callback_id%22%3A%223634aa18f43551f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222352983247081644305%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fapp&bust=1613120448931&pr=https%3A%2F%2Ftinyurl.com%2Fapp&scrd=1&dnt=false&description=TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.44.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-44-9.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://tinyurl.com pragma no-cache date Fri, 12 Feb 2021 09:00:48 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 711 B	30ms 30ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:48 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.105:80 AN-X-Request-Uuid c362d15f-6052-41a2-b7ac-a7e1b2c19fe4 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST		v1 dmx.districtm.io/b/	0 0
POST H2	200	auction Show response c.deployads.com/openrtb2/	516 B 909 B	145ms 145ms	XHR application/json	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/openrtb2/auction?src=prebid_prebid_4.23.0_custom&host=tinyurl.com Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash da92f183082141d0c5caf9a5cf1a58ec5f471dbdc7ddcd4c2cc2c36188cb1fa7 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:49 GMT server SortableCactus/1.0 content-type application/json access-control-allow-origin https://tinyurl.com cache-control no-cache access-control-allow-credentials true content-length 516 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	trinity.json Show response apex.go.sonobi.com/	672 B 2 KB	84ms 84ms	XHR application/json	178.162.133.150 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2242a02626e08a20e%22%3A%22ad559ed82e9f14739f52%7C728x90%22%7D&ref=https%3A%2F%2Ftinyurl.com%2Fapp&s=b92fd7c1-a831-4c68-b704-8fbccf621ca2&pv=fdab8597-f502-4b86-a334-5bfb54db379a&vp=desktop&lib_name=prebid&lib_v=4.23.0_custom&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-apex.go.sonobi.com Software sonobi-go / Resource Hash cc853f891b9556b37aac842f85c42fa2e2bf524febb6ea45e48fc4e916f0da08 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:48 GMT Content-Encoding gzip Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server apex-ams-1-6-10 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-cache, no-store, private Access-Control-Allow-Credentials true Tcn Choice Content-Type application/json Content-Length 404 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 127 B	144ms 45ms	XHR text/plain	54.229.0.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.229.0.86 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-0-86.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Fri, 12 Feb 2021 09:00:49 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8
OPTIONS H2	200	v1 dmx.districtm.io/b/ Frame	0 0	25ms 25ms	Other	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Protocol H2 Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://tinyurl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers date Fri, 12 Feb 2021 09:00:48 GMT content-length 0 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS cf-request-id 083711c1b30000cc3ec831c000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 62051f15eadfcc3e-ZRH
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 8898	0 0	61ms 60ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXimp2mGlVISNwDLbdg5nsqmws__MEj6YetDp0fQxJQ9mbNNodjkwpSty-FQn2xRB9FBpaiiFV5dKPUXiOiSmTYJ_qNOUCWcGWxkk3fGXcwthRsihFijbWQgHRI6Owr3YMth9RJOZwxEBtLyA5J1c4gHmqv7yJYTszz6XZE-eU6eK-BmXuFcxFPScBsZ5d5FM9QVbrixv8M1Td4BX15_TjT8YvmmZZy8fUT943TypTwfg9E3m9ZvUDGgONAhnttqcjSndUIEs45EDUdzWS7KIVZc3dNmD823ejym2-Vqph1kLR2wtSrf0R1g78X2fmxskQd3azHcF0RA&sai=AMfl-YSLkLQq7Ykvvhbp0GY46njiPSNOrNVTl4undN9YpcjXNhil5Fj3NX82I5shAwKmeClgTq5REkxCFHcr2by5uumY65oz4anzuNGqP2dsQ29aQW_XJN8G2AwYdJebkBA&sig=Cg0ArKJSzMct5OJTTTn-EAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:49 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame 8898	7 KB 2 KB	306ms 254ms	Script application/x-javascript	104.18.5.23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 083711c3800000cc42e7a69000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 1782 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 62051f18cd8dcc42-ZRH expires Fri, 12 Feb 2021 10:00:49 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8898	107 KB 33 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1612960666436283" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 33367 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 0677	0 0	63ms 61ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_wefuxi5EqjRhZQHlqbjEfczzP_u21ANBJGQ6flwW5_RJHzR0dQvILNq6gB27qkqHW5ZRQeVLMnPQCIvdzmOV6h2jfOBX2s5BE4nhudjFifdAhMfxbLcWBlVA9qkQ4YYeLvtw9yO8XvXqG_CP1KgYT5i7D0iFMaI5TSLZRcotSA7RmPbe4uK4CymRggtTeUWxHHiwOkCY6AiR6hJPYsG34Q_0H_JWIYUq7KbYBW8MjmAhwA5Pq4SYG2YxwNUaMiQh34fusjLJ4_jWgJ7XFukTscBM2l4cPmIItBwKy8oDqlEKj6UbqfO9BJ1J2oTN1rYx85G5zXA&sai=AMfl-YRqmoWaUe4uvqLXxkcoOwhsBI-Svhn3raSZp3A7fB4gvrwQyOY1WQxaUig8RilSR2kHN7bzvcBn-sD_DM8DyRHc9QEoBcUWQkep-YA94DkeoEalmJ51ldNl0L_xJYk&sig=Cg0ArKJSzJ3829VzF3mREAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:49 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame 0677	7 KB 3 KB	300ms 253ms	Script application/x-javascript	104.18.5.23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 083711c3830000cc42fb025000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 67 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 62051f18cd93cc42-ZRH expires Fri, 12 Feb 2021 10:00:49 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0677	107 KB 33 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1612960666436283" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 33367 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
GET H3-Q050	200	osd.js Show response www.googletagservices.com/activeview/js/current/	74 KB 28 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1612960672666234" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28344 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 6 KB	32ms 32ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020901&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e62f25a260b002635e132e33e4023c08d5ced5494c7b50ec3369e15c6eb444bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6324 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 3 KB	92ms 92ms	XHR text/plain	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=345988286580353&correlator=1475235389116068&output=ldjh&impl=fifs&adsid=NT&eid=21068773%2C21068891%2C31060020&vrg=2021020901&ptt=17&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210212&iu_parts=1966186%2CPub_tinyurl.com_728x90_7&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=s%3D0%26v%3D3%26u%3D85q%26sdbg%3D1%26st%3D8&cust_params=pt%3Dapp%26ab%3D1a%26pm%3D1&cookie=ID%3D18f4a05d78b4c7cc-225cabe073ba00d8%3AT%3D1613120448%3AS%3DALNI_MYUIzXZmIFwmw2uGsmC7rmOnYdldA&bc=31&abxe=1&lmt=1613120449&dt=1613120449369&dlt=1613120447767&idt=658&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3783690535&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftinyurl.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H_WVf0vFvrS4s2mbfuP0rwlenejW9ZZXNp4gPpq9mbQufvfe7Mq72_VcqMnlYcl3BejpUyHvKWnB4NhcF32vnw%2CAGkb-H9MfPHIA-_rF9XkUIjazff28cvcG7k2GXZxUkkE4scbkDTvDB1kcCdi68oVJ_4JeORswbxlWa1qrddA670Qs_I&ga_vid=414947259.1613120449&ga_sid=1613120449&ga_hid=258872529&fws=128&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 5421e2090a1186422c9fa918851108a9bd52af576248e736548cf495ad63090d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2555 x-xss-protection 0 google-lineitem-id 4348201566 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138203891589 content-type text/plain; charset=UTF-8 access-control-allow-origin https://tinyurl.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	43ms 28ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1611170586013198" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6403 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3E22	12 KB 5 KB	7ms 7ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/221/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4984 date Fri, 12 Feb 2021 08:58:43 GMT expires Sat, 12 Feb 2022 08:58:43 GMT last-modified Tue, 08 Dec 2020 21:41:15 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 126 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response pagead2.googlesyndication.com/bg/ Frame 3E22	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 11 Feb 2021 11:41:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 03 Feb 2021 00:15:00 GMT server sffe age 76785 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6263 x-xss-protection 0 expires Fri, 11 Feb 2022 11:41:04 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 8BA9	0 0	61ms 60ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5pM1-yt8bTQxRwPJMMu6YQNZrc92f5sltizjl1H3-M68Bx2h7CIndP7g23gfOU82WvQ_5fF3aJCxKJi48XmeFQt67FibXJuc0ReJFVyzEf0HZYMj5jV70pIOAjr2o5VQe3E8gdlGPEc4um_-zVSF0M_OynnaxxD74peFnamvTkXe-LVIuqzbzfWDj-BVC8IXRuKgprXsNa3kqaxJ75wHNWs48d7t3PyuZQGK-a-023jadKAcafQFszgvqEUbvl_fozi7ZDfba9yvQ3ESAd5ycxA-BEsmK2alL1J3oeETFktFOl4Abiw4&sig=Cg0ArKJSzNbyAwLz18grEAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:49 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame 8BA9	7 KB 2 KB	848ms 847ms	Script application/x-javascript	104.18.5.23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 083711c3db0000cc424fbee000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 1 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 62051f195f14cc42-ZRH expires Fri, 12 Feb 2021 10:00:50 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8BA9	107 KB 33 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1612960666436283" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 33367 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:49 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 126 B	51ms 51ms	XHR text/plain	54.229.0.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.229.0.86 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-0-86.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Fri, 12 Feb 2021 09:00:49 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 122 B	43ms 42ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020901&jk=345988286580353&bg=!JiWlJWbNAAWP4B5EjzsAKQB2-DxaUbEvHnABws4VYajFV-0bOowAt901R8BlVhQ-fyNXjb34IIeJAgAAAGRSAAAADGgBBwoBU4jNnAzwmNd_EkTiUWHa9HNw_B_AagAy_ntWS8IPNSb3mXWhMwwAfDjDJWOCwH9BvUQDzxLU-b0R07xx0OBJcpHn5lX1qhYkiwXmITMVSQ3a-BdJjM242aW5lMRT0jhWkmPNbwFj0qnOvM0gSGzNl6QLFdefx1-ynW8YpjMHsB15Qs4QYfGGM_aaumCbdFkul_4C8KwnHxXzfmS0qEE-P99mAgM6jpVsFNV_IezVM7nGmwnKJfPfrfXrxRkD4OHEPr5VKM6HP_4HY9uaH89AVSyqjxKMd072zfrkuAXjgWXG0YzM_gghpzznFZl02E1uVp-LQHSANB9ruZ6ZLVQJ24fy1pTz6bzqKG39I3UqHe8wpGC6FS49Uep-hsJvp80lHvVBpo9vu7S-ygxYILGLz3RxnciRTKryP-xR5bHdZWIPxXSY_dAJU9afSiH6rStoE03YwpkB3TIjnZVgEl-gPnv01zd2HDyfnlBYWlJfjY0YWOBoKKd0fflURSkOHJ9NShJThDhbBWJSMFHiS7JA6UIvFI-fbgf73BPizzwM0i2iZ2-yRTvRznnqUIcTldDpOfTcuVFB8rO0LpaP9pOP0OXApFO12-fzrVGE7I_Ggx9yI4lvJUfVu9z1mRlt1zUVmLMjk2UsGUNXG95zpVMYYhT8XUR-Fkn0ztzF-ZhLomjs4ep4916IVFJwyXlDY7glvU5_tP7sakJvW0f3GAizovDJWhOjGOSzjj-1bJXm3lO9dmNAm-Bh7qCXzQ-LA5stDd2I8_Oc_Rwe9VPyuyQSZ08S0LfVJYRPPbGsNplSWSqEviR60RcMbxvXsQhv-Q_w3i9bst5DqBvxNePOCwjOWeK1obyVrMM9eI1sJwBqULe9HaL_zMPS43lNWJocoyk2Vqge-ySuuPG2P0GmTOoj-V2rmB6wULN7KCYjpLlh7RiO_isX2fsxsvhhgyizO_EBTNj4hewQrx2Cqy58sXvqXOKsM0JASF6HKlan6QXv6N1itNuxp-NhQLmXLk-pZhGYw6UKafHoGURYtXe2NLfsERi2LemNYqoY5sI7r60usUFbeOzquAHqIsTY-0rzQzCXR8iciw Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame 0677	59 KB 14 KB	244ms 203ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec5d24ebfef13bc9cd2aa47a66883d48dedbe488603d8bfb808b8383c25dfd3 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14006 cf-request-id 083711c4a50000cc6225073000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 80 etag 18249962694228142433 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 62051f1a9f38cc62-ZRH expires Fri, 12 Feb 2021 10:00:49 GMT
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame 8898	59 KB 14 KB	261ms 221ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec5d24ebfef13bc9cd2aa47a66883d48dedbe488603d8bfb808b8383c25dfd3 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:49 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14006 cf-request-id 083711c4a50000cc6274bc6000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 25 etag 18249962694228142433 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 62051f1a9f40cc62-ZRH expires Fri, 12 Feb 2021 10:00:49 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 0677	678 B 764 B	200ms 199ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af9b15fe4a115b75bf2ed01e62d4320dbb5c987d4d97b81b8d3ceb907e617917 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 331 cf-request-id 083711c5760000cc628d830000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 907 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 62051f1be9b0cc62-ZRH expires Thu, 13 May 2021 09:00:50 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 8898	677 B 678 B	194ms 194ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a98f007658feac6012e38e75a3085dd748dda71866db9bcb6f29a1ba2d005a02 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 331 cf-request-id 083711c5920000cc62852d6000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 551 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 62051f1c1a08cc62-ZRH expires Thu, 13 May 2021 09:00:50 GMT
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 0677	5 KB 2 KB	200ms 200ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf930d77f528c1ce51808042eca007be3606e8064571d19d07964995518fec5c Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1888 cf-request-id 083711c6420000cc62fd9aa000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 246 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 62051f1d3cc1cc62-ZRH expires 0
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 8898	2 KB 1 KB	189ms 189ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aTmneM3drp0dYCmHAN5PQQSFnQQNCVwM&a=3&adContainerId=richmedia_4&rnd=374752 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f664ec688215052a796daa3d85932df24f7bb74e05ea623ebab69e22fe138a31 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 802 cf-request-id 083711c64d0000cc623e8a2000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 1723 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 62051f1d4cf1cc62-ZRH expires 0
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 385C	371 B 619 B	184ms 184ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=armTo64sY40UUIV6us2AB7R6JH4HUo1WvAptTn563Y5VvcTV3dUcZbjSAnvUdU3UUrR3rEmUqvxTEQbQTBKSG3ZdPrawRHfiUGY55r6sntqr0qTu2t3CSVJZa4AJZamdIrVdJhXFU9XFU90TqpPrnFTrMSVt31nrJoRbZbNYTFs3TZba4T75oTJGXF7dWWJXmPrBmsYsotnL2aQj3H6s3AvGprbEXtZbQUUYjsTcRcv&mediaDataID=6546596&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b0dbd2216251d756c0050aa6651f0c9e3a30e22fc3d1d285761e7d6d163e85a Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=armTo64sY40UUIV6us2AB7R6JH4HUo1WvAptTn563Y5VvcTV3dUcZbjSAnvUdU3UUrR3rEmUqvxTEQbQTBKSG3ZdPrawRHfiUGY55r6sntqr0qTu2t3CSVJZa4AJZamdIrVdJhXFU9XFU90TqpPrnFTrMSVt31nrJoRbZbNYTFs3TZba4T75oTJGXF7dWWJXmPrBmsYsotnL2aQj3H6s3AvGprbEXtZbQUUYjsTcRcv&mediaDataID=6546596&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 443 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c70c0000cc62250ab000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e7f86cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 0DE4	257 B 322 B	195ms 194ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=asmTo61rZb8WHbRm63DmcfpmHvC2qvj5HIN3PnFnrvEXcMVYVQ2XGJNmEZbU3UQ2VbvZaWPv2REnSSsUtQtUw1drrV6vm3GYU0FnDUAit5AZb8R6fC2tYr0tMAnW2v36QP3GrgTGr6Vsn8R6FyWtMUTUBP3bIqVqrmTanlQEBZdQVJCPFuqPHr6WGrS4FTxmteOYEPO2WMZbPcfA4AYZdmdXyVWQhXTZbbUcFXv7QX55&mediaDataID=2713736&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab44b3d5992b17d8ffed0c2279a41ddda90b9e5bb591852ad00f3ffbbe9fb649 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=asmTo61rZb8WHbRm63DmcfpmHvC2qvj5HIN3PnFnrvEXcMVYVQ2XGJNmEZbU3UQ2VbvZaWPv2REnSSsUtQtUw1drrV6vm3GYU0FnDUAit5AZb8R6fC2tYr0tMAnW2v36QP3GrgTGr6Vsn8R6FyWtMUTUBP3bIqVqrmTanlQEBZdQVJCPFuqPHr6WGrS4FTxmteOYEPO2WMZbPcfA4AYZdmdXyVWQhXTZbbUcFXv7QX55&mediaDataID=2713736&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 262 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c70d0000cc62000f6000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e7f87cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 81AB	273 B 331 B	211ms 210ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=atmTo6UVMT2FumotisXquw4dQCPGBG5mnHmtPOTWZbhXFM8YbZbfXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUh4qj5mT7LXFBfWWBXnmfZamV7mmHUC3TYk2tZaN5mvZbprrZb0sn0YGv11VrnnavP5FMTWbZbZcWArXQEMXSVrMQdUOYt7uVPbN4sr1XUQBTmXw4AQeQPFG2dUM1t3ZanWZaw36BY3sjgTWjc1U7YwsV1Ho&mediaDataID=6530936&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32d8f62ea9b2f9596c9cde9a7f56ce9e687fffc6cffae1da404ddd47b5b75dad Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=atmTo6UVMT2FumotisXquw4dQCPGBG5mnHmtPOTWZbhXFM8YbZbfXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUh4qj5mT7LXFBfWWBXnmfZamV7mmHUC3TYk2tZaN5mvZbprrZb0sn0YGv11VrnnavP5FMTWbZbZcWArXQEMXSVrMQdUOYt7uVPbN4sr1XUQBTmXw4AQeQPFG2dUM1t3ZanWZaw36BY3sjgTWjc1U7YwsV1Ho&mediaDataID=6530936&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 75 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c70d0000cc62fd9be000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e7f8acc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 0EAD	445 B 420 B	191ms 191ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aumTo60UUIVmqm4Av7QABD4Wvy1tUZdmWao3mJ05sngTG37WVfePPrMTtnVUrjP3FTwWarnTT3jSEYZdSVQZbPbqqRHMlVcr52U2xnWqoYaev4dYEPVZbC4PrHoWXtVWB80UnkYrbk1quMRUJDWFv1WWrWmrFtQUjt1qMy5EUk2avRmaMF1r7bUWrTnm3BnVMwptQF3qU92Wio5mfZcprbE0Gf0YW73VrbKvXQ3Rd&mediaDataID=6719746&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d60907725327a384d2e83e85cacf3344130904236e4910b744f346ecced1344 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aumTo60UUIVmqm4Av7QABD4Wvy1tUZdmWao3mJ05sngTG37WVfePPrMTtnVUrjP3FTwWarnTT3jSEYZdSVQZbPbqqRHMlVcr52U2xnWqoYaev4dYEPVZbC4PrHoWXtVWB80UnkYrbk1quMRUJDWFv1WWrWmrFtQUjt1qMy5EUk2avRmaMF1r7bUWrTnm3BnVMwptQF3qU92Wio5mfZcprbE0Gf0YW73VrbKvXQ3Rd&mediaDataID=6719746&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 216 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c70e0000cc6266211000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e7f90cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame AFF5	300 B 377 B	187ms 186ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=avmTo6WHbSoAnLncUnpHQA5Ev92Hur5PBGpbjHXGr0YGQ00sjxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvtVmfN2s3VYbnDV6Pw56ZbbQmMA4Wnq1WQZbmW6o5PBR3sM9VVQjWGBlSAJoUWFSWbFX2F6uWqvrWTQcSavFSGQIRr6vRt77UVQ24rPqnHAOXaqp3W3DQsjZc5PULoWIqVWQh0bfkYaMeVWeGufSyP1&mediaDataID=6807466&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fef1fb1308a0e36b48f8f0be32dde84e5060bb94e4238dd66debe131ced9a04 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=avmTo6WHbSoAnLncUnpHQA5Ev92Hur5PBGpbjHXGr0YGQ00sjxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvtVmfN2s3VYbnDV6Pw56ZbbQmMA4Wnq1WQZbmW6o5PBR3sM9VVQjWGBlSAJoUWFSWbFX2F6uWqvrWTQcSavFSGQIRr6vRt77UVQ24rPqnHAOXaqp3W3DQsjZc5PULoWIqVWQh0bfkYaMeVWeGufSyP1&mediaDataID=6807466&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 197 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c70f0000cc623b9a0000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e7f91cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 03A2	199 B 278 B	187ms 187ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=awmTo62Fumodis0auN4tfGSGFA26MJot6yVHYeXbrkYrZbl0T6tPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a73mEnFYrJgTtFXoPUBms7tpWfD5Ene3tyo4AFGnFbZd0GvS1V3V0cFymEr43bFRTUJGV63TPEn3PcUqSHjr1dvoT6Mp2GBX0UMZcUPTr2AvePm7K3drp0dYCmHAN5PQQ3sjgVcJjWWYf49YJunoHms&mediaDataID=7665496&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 988b5abb0edc94dc34837f06bf2d6576a5305588b8fc200f95b6dafd872a06d1 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=awmTo62Fumodis0auN4tfGSGFA26MJot6yVHYeXbrkYrZbl0T6tPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a73mEnFYrJgTtFXoPUBms7tpWfD5Ene3tyo4AFGnFbZd0GvS1V3V0cFymEr43bFRTUJGV63TPEn3PcUqSHjr1dvoT6Mp2GBX0UMZcUPTr2AvePm7K3drp0dYCmHAN5PQQ3sjgVcJjWWYf49YJunoHms&mediaDataID=7665496&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 278 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c70f0000cc626bb27000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e7f92cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame A006	211 B 284 B	201ms 200ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=axmTo6Vmqn2PU9QArB2WYsXWrZdptaw4PvY3cbfTcUjWGfkR6QuWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrusRWj7WVv25rPxotIOYEeN3tbFSGbZc5m3JoHayTdQ60bvd1bB90EImSrFZbUbB3Tdn5nUjxPU7oXE3r3aja4q7XoTbIYFUaWHJPnmYLnGUwoWrJ2qrj3Hey46bKnFrZa0Gf01cFV0t3wMdbbn6MIM2&mediaDataID=6347136&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1750fd89495511d40fb9348f3cc9271ae2851f5c1953808da259cf5a2fd7962 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=axmTo6Vmqn2PU9QArB2WYsXWrZdptaw4PvY3cbfTcUjWGfkR6QuWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrusRWj7WVv25rPxotIOYEeN3tbFSGbZc5m3JoHayTdQ60bvd1bB90EImSrFZbUbB3Tdn5nUjxPU7oXE3r3aja4q7XoTbIYFUaWHJPnmYLnGUwoWrJ2qrj3Hey46bKnFrZa0Gf01cFV0t3wMdbbn6MIM2&mediaDataID=6347136&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 17 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c7110000cc624c085000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e8f95cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 6E30	228 B 297 B	217ms 216ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aymTo6oAnKpGvmoWrK2qYe5tEM56fJnF3E0V7YYcYV0cjMnajT5UrSWUFFWAnTPajSQsUrStBtYd7oV6by2cZbXXUQAUA6w2AneQPMH3HZbrXWMLmWPM5AMY5Gj7VcYaUVb8RmvOTtJ3UFM45ramVTQvVT39PTYZaQcfCPbupPHviWcbR2FTsoWerYq2p2tvZdPsZbA4AQFpHEmTdB90bfk1UY90UPs4VUswk5HK9&mediaDataID=6680176&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a03659b7c64957a4c75c2495d8602c548ece58763632cd7c088939aa09274220 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aymTo6oAnKpGvmoWrK2qYe5tEM56fJnF3E0V7YYcYV0cjMnajT5UrSWUFFWAnTPajSQsUrStBtYd7oV6by2cZbXXUQAUA6w2AneQPMH3HZbrXWMLmWPM5AMY5Gj7VcYaUVb8RmvOTtJ3UFM45ramVTQvVT39PTYZaQcfCPbupPHviWcbR2FTsoWerYq2p2tvZdPsZbA4AQFpHEmTdB90bfk1UY90UPs4VUswk5HK9&mediaDataID=6680176&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 1104 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c7110000cc6226be9000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e8f97cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 32CE	277 B 339 B	200ms 200ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aMmTo6odiq0qmx3HMASV7F2mBZcpWeqUWfh0r7jYUF90E6nRU3HWUn2WdM2mrFxPrMyYT3q3TBc2qvXmTMHYbYaUH71nPrBpV3wptfE2TZbh5tZan3mjZdpFYEXsfQ1cU5Xs7nnqFS2FJ2VrnAUPY2QaYQQcYnPtZbyYHBuVmbv4sYUXbZbZcVmam56BhPAJK2HQO1dvZanWEm4A3U5GM8VcJjUcM8R77vYTYcxnAS8J&mediaDataID=9148826&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aRmneMptQF3qU92Wio5mfZcMGvOQNC9jb&a=1&adContainerId=richmedia_2&rnd=371191 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c167f0fbd259a20664a1c4c6ac539e69154947729ed5530692958b486a995a2b Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aMmTo6odiq0qmx3HMASV7F2mBZcpWeqUWfh0r7jYUF90E6nRU3HWUn2WdM2mrFxPrMyYT3q3TBc2qvXmTMHYbYaUH71nPrBpV3wptfE2TZbh5tZan3mjZdpFYEXsfQ1cU5Xs7nnqFS2FJ2VrnAUPY2QaYQQcYnPtZbyYHBuVmbv4sYUXbZbZcVmam56BhPAJK2HQO1dvZanWEm4A3U5GM8VcJjUcM8R77vYTYcxnAS8J&mediaDataID=9148826&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 32 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c7110000cc622f3a6000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1e8f9acc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 0677	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e085fb619828f61298d71424db91972edbd98822e9db1ac0da582aa5c3c10131 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 73C2	322 B 368 B	192ms 192ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a8mTo60bnb1UBh0aZamSrFEWUv4VdY4nbfxRFMMYEYy5qBe4TrXoTZbHXb78UHfXm67DnVvomHML5TUh3tmn5PrLnrvHYcU01svV1svymEvT5UUPVbFEWP3TPqb0Sc3qSHZbr1WFrWmfp2GB10FrLUPPw4PYaQ6bD4drO0HBKpdEo5PBT3sUbTcM8WGJ8RAYoTWMQUFbR2FAqWEMnTTJlSTBFSdrJ2GaCxam2jF&mediaDataID=5436426&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aTmneM3drp0dYCmHAN5PQQSFnQQNCVwM&a=3&adContainerId=richmedia_4&rnd=374752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b16557b839b89f81b05b9be19bd350783565b43f2f1072e96bf8e11ce4eb4ce Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=a8mTo60bnb1UBh0aZamSrFEWUv4VdY4nbfxRFMMYEYy5qBe4TrXoTZbHXb78UHfXm67DnVvomHML5TUh3tmn5PrLnrvHYcU01svV1svymEvT5UUPVbFEWP3TPqb0Sc3qSHZbr1WFrWmfp2GB10FrLUPPw4PYaQ6bD4drO0HBKpdEo5PBT3sUbTcM8WGJ8RAYoTWMQUFbR2FAqWEMnTTJlSTBFSdrJ2GaCxam2jF&mediaDataID=5436426&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 415 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c7490000cc6259b4d000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1ed853cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 379F	307 B 363 B	193ms 192ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbhPAUNUtnTWrn02F6oVEUvTEBiQT3FSsFZcPFipPHQ9VGQT4FmxmHyMXamx4dnZbSVjG4mJIotTnTWZbeYFQk1Fb91TqmSrJHWUM1VHrXmUjxPbrr1EUr3aZba4E35nEnIYFUdWWFPn6UBnGrspHnA5qr73dmq3A7GnFbJ0GbQYcZbX1cZbnnEb42bMPVrfZaV6MXPqrYScZbMStUr1G3p0SvIOVogct&mediaDataID=8039566&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aTmneM3drp0dYCmHAN5PQQSFnQQNCVwM&a=3&adContainerId=richmedia_4&rnd=374752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3734693a7ae2d872a8e306dd8c50da36f6f5936c77e2f9bfcbe3a3127e592e55 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=a9mTo6VcQcUcbhPAUNUtnTWrn02F6oVEUvTEBiQT3FSsFZcPFipPHQ9VGQT4FmxmHyMXamx4dnZbSVjG4mJIotTnTWZbeYFQk1Fb91TqmSrJHWUM1VHrXmUjxPbrr1EUr3aZba4E35nEnIYFUdWWFPn6UBnGrspHnA5qr73dmq3A7GnFbJ0GbQYcZbX1cZbnnEb42bMPVrfZaV6MXPqrYScZbMStUr1G3p0SvIOVogct&mediaDataID=8039566&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 337 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c74a0000cc62783b3000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1ed856cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 3E2D	240 B 447 B	191ms 191ms	Document text/html	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aamTo61c33XG7wnT735bnUTFZbGW6QVQE3QSsFNQtJr1WjqVPnv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2M5mZbT5snfUGvjUsB8S6FOTtFWWrjY2rToVTQvVaJaSTQZaQcJCPUEqSWjiWcbQ2UXpnHIOXqyO3dMGSsZbZa46JZbmdAyTdQc0bUbXFjhXqAMRrUZbTbv5VHQUnUZbtPbbs1EFy3TUa4UFYyd7pxNEOrC&mediaDataID=4056396&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=aTmneM3drp0dYCmHAN5PQQSFnQQNCVwM&a=3&adContainerId=richmedia_4&rnd=374752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e51118ace685eeb3b71f7b131d7bceeb54197a52ed28b19183cec563366ccad Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aamTo61c33XG7wnT735bnUTFZbGW6QVQE3QSsFNQtJr1WjqVPnv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2M5mZbT5snfUGvjUsB8S6FOTtFWWrjY2rToVTQvVaJaSTQZaQcJCPUEqSWjiWcbQ2UXpnHIOXqyO3dMGSsZbZa46JZbmdAyTdQc0bUbXFjhXqAMRrUZbTbv5VHQUnUZbtPbbs1EFy3TUa4UFYyd7pxNEOrC&mediaDataID=4056396&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=abnsmAxlqLqnJVsPUq7oRcmTB64IZcW6LpJ4tmLS8BaslAeyLAbTID7mXQjmm2oubyULaXH9lPZcSV Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dc22c758818fbd54db8a8aca6c3a72bc61613120450; expires=Sun, 14-Mar-21 09:00:50 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 161 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 083711c74a0000cc620bbf3000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62051f1ed857cc62-ZRH content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 8898	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dcb7036455772496df158051facc6942d9549c26d502421036b17f13416f4bfb Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame 8BA9	59 KB 14 KB	198ms 198ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec5d24ebfef13bc9cd2aa47a66883d48dedbe488603d8bfb808b8383c25dfd3 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14006 cf-request-id 083711c7600000cc6259b4f000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 81 etag 18249962694228142433 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 62051f1ef8a3cc62-ZRH expires Fri, 12 Feb 2021 10:00:50 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 385C Redirect Chain https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D... https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid... https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9fef7587-7b96-4567-b7a2-c04de3060a11	43 B 552 B	191ms 190ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9fef7587-7b96-4567-b7a2-c04de3060a11 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=armTo64sY40UUIV6us2AB7R6JH4HUo1WvAptTn563Y5VvcTV3dUcZbjSAnvUdU3UUrR3rEmUqvxTEQbQTBKSG3ZdPrawRHfiUGY55r6sntqr0qTu2t3CSVJZa4AJZamdIrVdJhXFU9XFU90TqpPrnFTrMSVt31nrJoRbZbNYTFs3TZba4T75oTJGXF7dWWJXmPrBmsYsotnL2aQj3H6s3AvGprbEXtZbQUUYjsTcRcv&mediaDataID=6546596&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=armTo64sY40UUIV6us2AB7R6JH4HUo1WvAptTn563Y5VvcTV3dUcZbjSAnvUdU3UUrR3rEmUqvxTEQbQTBKSG3ZdPrawRHfiUGY55r6sntqr0qTu2t3CSVJZa4AJZamdIrVdJhXFU9XFU90TqpPrnFTrMSVt31nrJoRbZbNYTFs3TZba4T75oTJGXF7dWWJXmPrBmsYsotnL2aQj3H6s3AvGprbEXtZbQUUYjsTcRcv&mediaDataID=6546596&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f208bffcc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c8510000cc628294b000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip server OXGW/16.202.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9fef7587-7b96-4567-b7a2-c04de3060a11 content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H2	204	usermatch.gif beacon.krxd.net/ Frame AFF5 Redirect Chain https://a.tribalfusion.com/i.match?p=b22&u=18072662212919638292&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662212919638292	0 337 B	146ms 47ms	Image text/plain	54.171.91.151 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662212919638292 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=avmTo6WHbSoAnLncUnpHQA5Ev92Hur5PBGpbjHXGr0YGQ00sjxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvtVmfN2s3VYbnDV6Pw56ZbbQmMA4Wnq1WQZbmW6o5PBR3sM9VVQjWGBlSAJoUWFSWbFX2F6uWqvrWTQcSavFSGQIRr6vRt77UVQ24rPqnHAOXaqp3W3DQsjZc5PULoWIqVWQh0bfkYaMeVWeGufSyP1&mediaDataID=6807466&mediaName=frame.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.91.151 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-91-151.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://s.tribalfusion.com/p.media?clickID=avmTo6WHbSoAnLncUnpHQA5Ev92Hur5PBGpbjHXGr0YGQ00sjxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvtVmfN2s3VYbnDV6Pw56ZbbQmMA4Wnq1WQZbmW6o5PBR3sM9VVQjWGBlSAJoUWFSWbFX2F6uWqvrWTQcSavFSGQIRr6vRt77UVQ24rPqnHAOXaqp3W3DQsjZc5PULoWIqVWQh0bfkYaMeVWeGufSyP1&mediaDataID=6807466&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT cache-control private, no-cache, no-store x-request-time D=43 t=1613120450 x-served-by beacon-n010-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 2052 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f1fba2ccc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" location https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662212919638292 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 083711c7d20000cc622c0d5000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 03A2 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662212919638292 https://a.tribalfusion.com/i.match?p=b23&u=165000903695000329719	43 B 630 B	195ms 195ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b23&u=165000903695000329719 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=awmTo62Fumodis0auN4tfGSGFA26MJot6yVHYeXbrkYrZbl0T6tPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a73mEnFYrJgTtFXoPUBms7tpWfD5Ene3tyo4AFGnFbZd0GvS1V3V0cFymEr43bFRTUJGV63TPEn3PcUqSHjr1dvoT6Mp2GBX0UMZcUPTr2AvePm7K3drp0dYCmHAN5PQQ3sjgVcJjWWYf49YJunoHms&mediaDataID=7665496&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=awmTo62Fumodis0auN4tfGSGFA26MJot6yVHYeXbrkYrZbl0T6tPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a73mEnFYrJgTtFXoPUBms7tpWfD5Ene3tyo4AFGnFbZd0GvS1V3V0cFymEr43bFRTUJGV63TPEn3PcUqSHjr1dvoT6Mp2GBX0UMZcUPTr2AvePm7K3drp0dYCmHAN5PQQ3sjgVcJjWWYf49YJunoHms&mediaDataID=7665496&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f204b5ecc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c82a0000cc623b9be000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://a.tribalfusion.com/i.match?p=b23&u=165000903695000329719 cache-control no-cache, no-store, must-revalidate content-length 0 expires 0
GET H2	200	i.match a.tribalfusion.com/ Frame 0EAD Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622129... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622129... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662212919638292&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U... https://a.tribalfusion.com/i.match?p=b11&u=88FA3C36-4DD8-4F55-9403-8A8D2CDC8956	43 B 730 B	200ms 200ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b11&u=88FA3C36-4DD8-4F55-9403-8A8D2CDC8956 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aumTo60UUIVmqm4Av7QABD4Wvy1tUZdmWao3mJ05sngTG37WVfePPrMTtnVUrjP3FTwWarnTT3jSEYZdSVQZbPbqqRHMlVcr52U2xnWqoYaev4dYEPVZbC4PrHoWXtVWB80UnkYrbk1quMRUJDWFv1WWrWmrFtQUjt1qMy5EUk2avRmaMF1r7bUWrTnm3BnVMwptQF3qU92Wio5mfZcprbE0Gf0YW73VrbKvXQ3Rd&mediaDataID=6719746&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=aumTo60UUIVmqm4Av7QABD4Wvy1tUZdmWao3mJ05sngTG37WVfePPrMTtnVUrjP3FTwWarnTT3jSEYZdSVQZbPbqqRHMlVcr52U2xnWqoYaev4dYEPVZbC4PrHoWXtVWB80UnkYrbk1quMRUJDWFv1WWrWmrFtQUjt1qMy5EUk2avRmaMF1r7bUWrTnm3BnVMwptQF3qU92Wio5mfZcprbE0Gf0YW73VrbKvXQ3Rd&mediaDataID=6719746&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f219e1acc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c8fc0000cc628295b000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://a.tribalfusion.com/i.match?p=b11&u=88FA3C36-4DD8-4F55-9403-8A8D2CDC8956 Date Fri, 12 Feb 2021 09:00:50 GMT X-Cnection close X-lat Pug22050:0:993 Server Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 Content-Length 404 Content-Type text/html; charset=iso-8859-1
GET H2	200	i.match a.tribalfusion.com/ Frame 0DE4 Redirect Chain https://tags.bluekai.com/site/4229?id=18072662212919638292&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID https://a.tribalfusion.com/i.match?p=b3&u=hHWVBx9999OcD0jQ	43 B 620 B	193ms 192ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b3&u=hHWVBx9999OcD0jQ Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=asmTo61rZb8WHbRm63DmcfpmHvC2qvj5HIN3PnFnrvEXcMVYVQ2XGJNmEZbU3UQ2VbvZaWPv2REnSSsUtQtUw1drrV6vm3GYU0FnDUAit5AZb8R6fC2tYr0tMAnW2v36QP3GrgTGr6Vsn8R6FyWtMUTUBP3bIqVqrmTanlQEBZdQVJCPFuqPHr6WGrS4FTxmteOYEPO2WMZbPcfA4AYZdmdXyVWQhXTZbbUcFXv7QX55&mediaDataID=2713736&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=asmTo61rZb8WHbRm63DmcfpmHvC2qvj5HIN3PnFnrvEXcMVYVQ2XGJNmEZbU3UQ2VbvZaWPv2REnSSsUtQtUw1drrV6vm3GYU0FnDUAit5AZb8R6fC2tYr0tMAnW2v36QP3GrgTGr6Vsn8R6FyWtMUTUBP3bIqVqrmTanlQEBZdQVJCPFuqPHr6WGrS4FTxmteOYEPO2WMZbPcfA4AYZdmdXyVWQhXTZbbUcFXv7QX55&mediaDataID=2713736&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f216dc6cc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c8df0000cc6263135000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://a.tribalfusion.com/i.match?p=b3&u=hHWVBx9999OcD0jQ Date Fri, 12 Feb 2021 09:00:50 GMT Connection keep-alive Content-Length 0 BK-Server dc09 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	i.match a.tribalfusion.com/ Frame A006 Redirect Chain https://pixel.advertising.com/ups/57628/sync?uid=18072662212919638292&_origin=1&redir=true https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662212919638292&_origin=1&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 https://a.tribalfusion.com/i.match?p=b17&u=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2	43 B 589 B	186ms 185ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b17&u=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=axmTo6Vmqn2PU9QArB2WYsXWrZdptaw4PvY3cbfTcUjWGfkR6QuWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrusRWj7WVv25rPxotIOYEeN3tbFSGbZc5m3JoHayTdQ60bvd1bB90EImSrFZbUbB3Tdn5nUjxPU7oXE3r3aja4q7XoTbIYFUaWHJPnmYLnGUwoWrJ2qrj3Hey46bKnFrZa0Gf01cFV0t3wMdbbn6MIM2&mediaDataID=6347136&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=axmTo6Vmqn2PU9QArB2WYsXWrZdptaw4PvY3cbfTcUjWGfkR6QuWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrusRWj7WVv25rPxotIOYEeN3tbFSGbZc5m3JoHayTdQ60bvd1bB90EImSrFZbUbB3Tdn5nUjxPU7oXE3r3aja4q7XoTbIYFUaWHJPnmYLnGUwoWrJ2qrj3Hey46bKnFrZa0Gf01cFV0t3wMdbbn6MIM2&mediaDataID=6347136&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f207bf8cc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c84e0000cc624995c000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:50 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://a.tribalfusion.com/i.match?p=b17&u=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 Connection keep-alive Content-Length 0
GET H2	200	i.match a.tribalfusion.com/ Frame 32CE Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662212919638292&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID https://a.tribalfusion.com/i.match?p=b19&u=cc909110-6d10-11eb-88bc-1d7abbad3306	43 B 587 B	197ms 197ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b19&u=cc909110-6d10-11eb-88bc-1d7abbad3306 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aMmTo6odiq0qmx3HMASV7F2mBZcpWeqUWfh0r7jYUF90E6nRU3HWUn2WdM2mrFxPrMyYT3q3TBc2qvXmTMHYbYaUH71nPrBpV3wptfE2TZbh5tZan3mjZdpFYEXsfQ1cU5Xs7nnqFS2FJ2VrnAUPY2QaYQQcYnPtZbyYHBuVmbv4sYUXbZbZcVmam56BhPAJK2HQO1dvZanWEm4A3U5GM8VcJjUcM8R77vYTYcxnAS8J&mediaDataID=9148826&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=aMmTo6odiq0qmx3HMASV7F2mBZcpWeqUWfh0r7jYUF90E6nRU3HWUn2WdM2mrFxPrMyYT3q3TBc2qvXmTMHYbYaUH71nPrBpV3wptfE2TZbh5tZan3mjZdpFYEXsfQ1cU5Xs7nnqFS2FJ2VrnAUPY2QaYQQcYnPtZbyYHBuVmbv4sYUXbZbZcVmam56BhPAJK2HQO1dvZanWEm4A3U5GM8VcJjUcM8R77vYTYcxnAS8J&mediaDataID=9148826&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f201b0acc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c8100000cc62668fd000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:50 GMT Server nginx Location https://a.tribalfusion.com/i.match?p=b19&u=cc909110-6d10-11eb-88bc-1d7abbad3306 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 134 Connection keep-alive Content-Length 43
GET H2	200	i.match a.tribalfusion.com/ Frame 81AB Redirect Chain https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662212919638292&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662212919638292&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&C=1 https://a.tribalfusion.com/i.match?p=b20&u=YCZDwp0JL2lZJncdoX8FhAAA	43 B 711 B	197ms 197ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b20&u=YCZDwp0JL2lZJncdoX8FhAAA Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=atmTo6UVMT2FumotisXquw4dQCPGBG5mnHmtPOTWZbhXFM8YbZbfXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUh4qj5mT7LXFBfWWBXnmfZamV7mmHUC3TYk2tZaN5mvZbprrZb0sn0YGv11VrnnavP5FMTWbZbZcWArXQEMXSVrMQdUOYt7uVPbN4sr1XUQBTmXw4AQeQPFG2dUM1t3ZanWZaw36BY3sjgTWjc1U7YwsV1Ho&mediaDataID=6530936&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=atmTo6UVMT2FumotisXquw4dQCPGBG5mnHmtPOTWZbhXFM8YbZbfXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUh4qj5mT7LXFBfWWBXnmfZamV7mmHUC3TYk2tZaN5mvZbprrZb0sn0YGv11VrnnavP5FMTWbZbZcWArXQEMXSVrMQdUOYt7uVPbN4sr1XUQBTmXw4AQeQPFG2dUM1t3ZanWZaw36BY3sjgTWjc1U7YwsV1Ho&mediaDataID=6530936&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f20cc8fcc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c87d0000cc6266905000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:50 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://a.tribalfusion.com/i.match?p=b20&u=YCZDwp0JL2lZJncdoX8FhAAA Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 255 Expires Fri, 12 Feb 2021 09:00:50 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 6E30 Redirect Chain https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662212919638292&redirectId=1001 https://a.tribalfusion.com/i.match?p=b21&u=178348668527c9a76e55a343dc2ab0	43 B 545 B	205ms 204ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b21&u=178348668527c9a76e55a343dc2ab0 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aymTo6oAnKpGvmoWrK2qYe5tEM56fJnF3E0V7YYcYV0cjMnajT5UrSWUFFWAnTPajSQsUrStBtYd7oV6by2cZbXXUQAUA6w2AneQPMH3HZbrXWMLmWPM5AMY5Gj7VcYaUVb8RmvOTtJ3UFM45ramVTQvVT39PTYZaQcfCPbupPHviWcbR2FTsoWerYq2p2tvZdPsZbA4AQFpHEmTdB90bfk1UY90UPs4VUswk5HK9&mediaDataID=6680176&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=aymTo6oAnKpGvmoWrK2qYe5tEM56fJnF3E0V7YYcYV0cjMnajT5UrSWUFFWAnTPajSQsUrStBtYd7oV6by2cZbXXUQAUA6w2AneQPMH3HZbrXWMLmWPM5AMY5Gj7VcYaUVb8RmvOTtJ3UFM45ramVTQvVT39PTYZaQcfCPbupPHviWcbR2FTsoWerYq2p2tvZdPsZbA4AQFpHEmTdB90bfk1UY90UPs4VUswk5HK9&mediaDataID=6680176&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f208c17cc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c8580000cc627b16a000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:50 GMT Server nginx Access-Control-Allow-Origin * Location https://a.tribalfusion.com/i.match?p=b21&u=178348668527c9a76e55a343dc2ab0 Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 x-sticky-vk 1613120450077062-373 Expires Fri, 12 Feb 2021 09:00:50 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 73C2 Redirect Chain https://a.tribalfusion.com/i.match?p=b10&u=18072662212919638292&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662212919638292&expires=180	42 B 766 B	103ms 26ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662212919638292&expires=180 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a8mTo60bnb1UBh0aZamSrFEWUv4VdY4nbfxRFMMYEYy5qBe4TrXoTZbHXb78UHfXm67DnVvomHML5TUh3tmn5PrLnrvHYcU01svV1svymEvT5UUPVbFEWP3TPqb0Sc3qSHZbr1WFrWmfp2GB10FrLUPPw4PYaQ6bD4drO0HBKpdEo5PBT3sUbTcM8WGJ8RAYoTWMQUFbR2FAqWEMnTTJlSTBFSdrJ2GaCxam2jF&mediaDataID=5436426&mediaName=frame.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://s.tribalfusion.com/p.media?clickID=a8mTo60bnb1UBh0aZamSrFEWUv4VdY4nbfxRFMMYEYy5qBe4TrXoTZbHXb78UHfXm67DnVvomHML5TUh3tmn5PrLnrvHYcU01svV1svymEvT5UUPVbFEWP3TPqb0Sc3qSHZbr1WFrWmfp2GB10FrLUPPw4PYaQ6bD4drO0HBKpdEo5PBT3sUbTcM8WGJ8RAYoTWMQUFbR2FAqWEMnTTJlSTBFSdrJ2GaCxam2jF&mediaDataID=5436426&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/gif Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 48 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f201b12cc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" location https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662212919638292&expires=180 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 083711c8130000cc622f3c7000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 3E2D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662212919638292 https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOVXx70mZxJDybie0D1YIOI&google_cver=1&google_ula=2786954,0	43 B 620 B	270ms 269ms	Image image/gif	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOVXx70mZxJDybie0D1YIOI&google_cver=1&google_ula=2786954,0 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aamTo61c33XG7wnT735bnUTFZbGW6QVQE3QSsFNQtJr1WjqVPnv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2M5mZbT5snfUGvjUsB8S6FOTtFWWrjY2rToVTQvVaJaSTQZaQcJCPUEqSWjiWcbQ2UXpnHIOXqyO3dMGSsZbZa46JZbmdAyTdQc0bUbXFjhXqAMRrUZbTbv5VHQUnUZbtPbbs1EFy3TUa4UFYyd7pxNEOrC&mediaDataID=4056396&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/p.media?clickID=aamTo61c33XG7wnT735bnUTFZbGW6QVQE3QSsFNQtJr1WjqVPnv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2M5mZbT5snfUGvjUsB8S6FOTtFWWrjY2rToVTQvVaJaSTQZaQcJCPUEqSWjiWcbQ2UXpnHIOXqyO3dMGSsZbZa46JZbmdAyTdQc0bUbXFjhXqAMRrUZbTbv5VHQUnUZbtPbbs1EFy3TUa4UFYyd7pxNEOrC&mediaDataID=4056396&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f20bc62cc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 083711c8700000cc6263126000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOVXx70mZxJDybie0D1YIOI&google_cver=1&google_ula=2786954,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dspreply public-prod-dspcookiematching.dmxleo.com/ Frame 379F Redirect Chain https://a.tribalfusion.com/i.match?p=b24&u=18072662212919638292&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662212919638292	0 272 B	73ms 34ms	Image text/plain	34.120.25.144 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662212919638292 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbhPAUNUtnTWrn02F6oVEUvTEBiQT3FSsFZcPFipPHQ9VGQT4FmxmHyMXamx4dnZbSVjG4mJIotTnTWZbeYFQk1Fb91TqmSrJHWUM1VHrXmUjxPbrr1EUr3aZba4E35nEnIYFUdWWFPn6UBnGrspHnA5qr73dmq3A7GnFbJ0GbQYcZbX1cZbnnEb42bMPVrfZaV6MXPqrYScZbMStUr1G3p0SvIOVogct&mediaDataID=8039566&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.25.144 , United States, ASN15169 (GOOGLE, US), Reverse DNS 144.25.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://s.tribalfusion.com/p.media?clickID=a9mTo6VcQcUcbhPAUNUtnTWrn02F6oVEUvTEBiQT3FSsFZcPFipPHQ9VGQT4FmxmHyMXamx4dnZbSVjG4mJIotTnTWZbeYFQk1Fb91TqmSrJHWUM1VHrXmUjxPbrr1EUr3aZba4E35nEnIYFUdWWFPn6UBnGrspHnA5qr73dmq3A7GnFbJ0GbQYcZbX1cZbnnEb42bMPVrfZaV6MXPqrYScZbMStUr1G3p0SvIOVogct&mediaDataID=8039566&mediaName=frame.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT via 1.1 google x-envoy-decorator-operation leo-dsp-cookie-matching.default.svc.cluster.local:80/* x-envoy-upstream-service-time 1 alt-svc clear content-length 0 server istio-envoy Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:50 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 142 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 62051f202b27cc62-ZRH p3p CP="NOI DEVo TAIa OUR BUS" location https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662212919638292 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 083711c81a0000cc624c0a0000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 8BA9	677 B 1 KB	192ms 191ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 706eee08232c31e090fb58082ee04511a68a9dbd4b842c1b2b12245bf30307ea Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 331 cf-request-id 083711c82d0000cc624c0a2000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 163 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 62051f204b67cc62-ZRH expires Thu, 13 May 2021 09:00:50 GMT
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 8BA9	20 B 620 B	200ms 200ms	Script application/x-javascript	104.18.12.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&f=1&p=372864&tKey=a2mneMpW6mTdJfYFr8YbJhVWeGQNCOmy&a=5&adContainerId=richmedia_6&rnd=378532 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 217bab4b917050f880628e822c751053b9f0220011a1e2d2d36627daacb3da2b Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:50 GMT content-encoding none cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20 cf-request-id 083711c8f00000cc6200125000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 541 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 62051f217dfccc62-ZRH expires 0
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 8898	0 0	104ms 73ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHNMT2EYf2aCTk9Ly-tSBY0UtYCasZGsa1Ryjx7yf0mLqJDf933OIJIyqbfif-IALspDRVRQbeeeX3H1fwwakRNo-x9zvBeAK0sh01S7Kkuqlq0sECqB6L4SZMyM5v0sc-7APwo4Calhz7z4dG8ql20XEOZibq_d0SShNuS_mV-2RPQiCPf17oCq36FDYiT1shtPjwG6t0ZwkIAXzIGUqwO3br-F9Azn1nMDcqHKdl5vF2X19EtdKFd-o50aieVPjmUJL0T_sKPQlff7CYwS7j9qPvkf_XsjsD_YOFtvZZt_50O2lcoVzd65Ml10L2SA0Z_tVbzAQIspxP&sai=AMfl-YQyio2w2m-vfFEwvCOBm_1xq0zcz5-HqZ48YixPo9xGI6Nh3xmPTjBGwHxkZsM7hRGiro_bHy32VLvx0g5q8nKBgiYWRbpN6vdbeKMBtwjMEws1rejPqi9Ttrff_-4&sig=Cg0ArKJSzDRLgOF4KM94EAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:51 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 8BA9	0 0	59ms 59ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst91hxuL6clQlqeunJYeFeq0E_zancqB0CWzkf92mPi3wbY35ZwLIiwZQc1JSK3NJr0e-1Jp1oPwkhwspEYCe-5AFg8FUPyOAOeuHVCy1YIbK5LuCSU89NKKW8Pto6WRQ8qmf6Y42pgIT3Ibipo9hxMfj2WN21TgOn0jp9ml26fL8ktVJAzK7cqGITpIm9ePOj6cjSV-oV671o7X4R2TazNl0zmvdpzZfFXRNXwAyHSW6MxIaCSexjuHH5q3wZqM2AvOfdRbONeljlsB0zkuOpqGCbX2xq0inWWcZfiORhSKH-P2pc9k6DFsg&sig=Cg0ArKJSzDHwoO0NgR49EAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:51 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 0677	0 0	58ms 57ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYqcHAxDSkYEzWkkmhGE6Ox7iy8VQ3xRvuCt8ubGrVaXVPMrHPGBkaGtjzPYfeluNRa-J9anzHVyNxYpWCbmzhKM6jBt0Ax6bip7XLscwZy6TFhUZsgnNFmNErEkEBWi5nGEe7Km2C2xwEvEjvN9i3CLHR22ES4RylEzFU6_PJydZTIJRtMB8RA3IXdjbEtAamfQf-z7Si2NN24_4wBVzA-onwwINVL4lkfEUwz6ZDQPQ0oMXzzhBUbufvyErPXshjMtUuJEesQyt7zrligzc--T5eI3r2tvmzepCjI0qbJlitZZJMDrOZUNYS9JMKCK4pcNiLLcEesw&sai=AMfl-YRTilCypRfbwBIGxjeZ8DDf-vGN6yzG4UQPSkQ262nEbwkpGAzXxIKLvzgpNJ6eXZ4S5sQiq1OWKcsJj7Z5YaLznmFD0017ig9bNj7hCpHd9e7rxle94sCJwo_H5DM&sig=Cg0ArKJSzDvblOZfR2_SEAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Fri, 12 Feb 2021 09:00:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 12 Feb 2021 09:00:51 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 126 B	46ms 45ms	XHR text/plain	54.229.0.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.229.0.86 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-0-86.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Fri, 12 Feb 2021 09:00:51 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8
GET H2	200	VZNM c.deployads.com/cs/ Redirect Chain https://pixel.advertising.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58282/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2	43 B 469 B	43ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:52 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://c.deployads.com/cs/VZNM?b=y-VDohc6d1l2Zpl6H5VVGarHWKHTXvi58.~UPcc8a1e16-6d10-11eb-b1a1-028bad4c8ce2 Connection keep-alive Content-Length 0
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.1rx.io/usersync2/sortable https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003&rndcb=6173766449 https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003&rndcb=6173766449 https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e7684c8b-1b5b-46b0-8570-88af6d14add4&user_group=1&ssp=adconductor&bsw_param=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 https://sync.1rx.io/usersync/bidswitch/66a1f280-7937-4098-9d7b-7c6d1e38c7e5?gdpr=&gdpr_consent= https://sync.targeting.unrulymedia.com/csync/RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-dc67583e-d8ea-42d7-832e-672... https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003	49 B 821 B	39ms 39ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:52 GMT Server Tengine ETag RXdc67583ed8ea42d7832e67208cfd5a23003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 Connection keep-alive Content-Type text/html
GET H2	204	index.html cdn.districtm.io/ids/ Frame 8667	0 0	65ms 26ms	Document text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:51 GMT set-cookie __cfduid=d4504ce341cc21c71c8963825b4257f821613120451; expires=Sun, 14-Mar-21 09:00:51 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS cf-request-id 083711cd190000cc62829bb000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 62051f282c14cc62-ZRH
GET H2	200	sync Show response eb2.3lift.com/ Frame D64B Redirect Chain https://eb2.3lift.com/sync? https://eb2.3lift.com/sync?&ld=1	1 KB 1 KB	26ms 26ms	Document text/html	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?&ld=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash 032d2bcb8368ff4bf881eaa0a17f09de4ed63646e37b5a5a68e2afc34cb5bc7c Request headers :method GET :authority eb2.3lift.com :scheme https :path /sync?&ld=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie tluid=3000524416463435143 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:51 GMT content-type text/html; charset=utf-8 content-length 478 set-cookie sync=CgoIgQIQxeriq_kuCgoIkQIQxeriq_kuCgoI4gEQxeriq_kuCgoIkgIQxeriq_kuCgoI5gEQxeriq_kuCgoIhwIQxeriq_kuCgkIOhDF6uKr-S4KCQgLEMXq4qv5LgoJCF8Qxeriq_kuCgkIHxDF6uKr-S4=; Max-Age=7776000; Expires=Thu, 13 May 2021 09:00:51 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3000524416463435143; Max-Age=7776000; Expires=Thu, 13 May 2021 09:00:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure content-encoding gzip p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" cache-control no-cache, no-store, must-revalidate Redirect headers date Fri, 12 Feb 2021 09:00:51 GMT content-length 0 set-cookie tluid=11530538452617988741; Max-Age=7776000; Expires=Thu, 13 May 2021 09:00:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure location /sync?&ld=1 cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	204	index.html cdn.districtm.io/ids/ Frame CAA0	0 0	67ms 28ms	Document text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:51 GMT set-cookie __cfduid=d4504ce341cc21c71c8963825b4257f821613120451; expires=Sun, 14-Mar-21 09:00:51 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS cf-request-id 083711cd190000cc620808a000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 62051f282c15cc62-ZRH
GET H2	200	sync Show response eb2.3lift.com/ Frame A26A Redirect Chain https://eb2.3lift.com/sync? https://eb2.3lift.com/sync?&ld=1	1 KB 1 KB	27ms 26ms	Document text/html	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?&ld=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash 032d2bcb8368ff4bf881eaa0a17f09de4ed63646e37b5a5a68e2afc34cb5bc7c Request headers :method GET :authority eb2.3lift.com :scheme https :path /sync?&ld=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/app accept-encoding gzip, deflate, br accept-language en-US cookie tluid=3000524416463435143 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers date Fri, 12 Feb 2021 09:00:51 GMT content-type text/html; charset=utf-8 content-length 478 set-cookie sync=CgoIgQIQxeriq_kuCgoIkQIQxeriq_kuCgoI4gEQxeriq_kuCgoIkgIQxeriq_kuCgoI5gEQxeriq_kuCgoIhwIQxeriq_kuCgkIOhDF6uKr-S4KCQgLEMXq4qv5LgoJCF8Qxeriq_kuCgkIHxDF6uKr-S4=; Max-Age=7776000; Expires=Thu, 13 May 2021 09:00:51 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3000524416463435143; Max-Age=7776000; Expires=Thu, 13 May 2021 09:00:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure content-encoding gzip p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" cache-control no-cache, no-store, must-revalidate Redirect headers date Fri, 12 Feb 2021 09:00:51 GMT content-length 0 set-cookie tluid=3000524416463435143; Max-Age=7776000; Expires=Thu, 13 May 2021 09:00:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure location /sync?&ld=1 cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame CFDA	52 KB 17 KB	88ms 32ms	Document text/html	184.30.20.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.20.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-185.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tinyurl.com/app Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Sat, 13 Feb 2021 09:00:53 GMT Date Fri, 12 Feb 2021 09:00:51 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/ib/static/usersync/v3/ Frame 40A8	995 B 875 B	82ms 27ms	Document text/html	184.30.20.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.20.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-185.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39 Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tinyurl.com/app Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sat, 12 Feb 2022 09:00:51 GMT Date Fri, 12 Feb 2021 09:00:51 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/ib/static/usersync/v3/ Frame A83C	995 B 875 B	82ms 26ms	Document text/html	184.30.20.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.20.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-185.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39 Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tinyurl.com/app Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sat, 12 Feb 2022 09:00:51 GMT Date Fri, 12 Feb 2021 09:00:51 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame B925	52 KB 17 KB	87ms 32ms	Document text/html	184.30.20.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: tinyurl.com URL: https://tinyurl.com/app Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.20.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-185.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tinyurl.com/app Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://tinyurl.com/app Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Sat, 13 Feb 2021 09:00:53 GMT Date Fri, 12 Feb 2021 09:00:51 GMT Connection keep-alive
GET H2	200	QANT c.deployads.com/cs/ Redirect Chain https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0 https://c.deployads.com/cs/QANT?gdpr=1&b=y1JjDclRMgjQATIKylJ8C8lbMA3QVmEOxFOrO2XS	43 B 405 B	43ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/QANT?gdpr=1&b=y1JjDclRMgjQATIKylJ8C8lbMA3QVmEOxFOrO2XS Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://c.deployads.com/cs/QANT?gdpr=1&b=y1JjDclRMgjQATIKylJ8C8lbMA3QVmEOxFOrO2XS cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://x.bidswitch.net/sync?ssp=sonobi https://x.bidswitch.net/ul_cb/sync?ssp=sonobi https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=66a1f280-7937-4098-9d7b-7c6d1e38c7e5&google_hm=NjZhMWYyODAtNzkzNy00MDk4LTlkN2ItN2M2ZDFlMzhjN2U1 https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAU2sOMHoVGH-vxeRpFNCEI&google_cver=1&ssp=sonobi&bsw_param=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=66a1f280-7937-4098-9d7b-7c6d1e38c7e5	49 B 931 B	103ms 38ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers location //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=66a1f280-7937-4098-9d7b-7c6d1e38c7e5 date Fri, 12 Feb 2021 09:00:51 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	XNDR c.deployads.com/cs/ Redirect Chain https://secure.adnxs.com/getuid?https://c.deployads.com/cs/XNDR?b=$UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc.deployads.com%2Fcs%2FXNDR%3Fb%3D%24UID https://c.deployads.com/cs/XNDR?b=5433066005356494175	43 B 425 B	43ms 43ms	Image image/gif	52.50.112.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/XNDR?b=5433066005356494175 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.112.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-112-165.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.151:80 AN-X-Request-Uuid c9a051c9-250d-4877-a1a7-7162ddb44bbb Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://c.deployads.com/cs/XNDR?b=5433066005356494175 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= https://sync.go.sonobi.com/us.gif?nw=td&nuid=7da1cf18-ec46-4a64-a87a-52f2fe491b37&pubid=fb9580c293	49 B 931 B	157ms 39ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=td&nuid=7da1cf18-ec46-4a64-a87a-52f2fe491b37&pubid=fb9580c293 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:51 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.go.sonobi.com/us.gif?nw=td&nuid=7da1cf18-ec46-4a64-a87a-52f2fe491b37&pubid=fb9580c293 cache-control private,no-cache, must-revalidate content-type text/html content-length 227
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003&rndcb=1815365019 https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor https://x.bidswitch.net/sync?dsp_id=70&user_id=3479210181133611694&ssp=adconductor https://sync.1rx.io/usersync/bidswitch/66a1f280-7937-4098-9d7b-7c6d1e38c7e5?gdpr=&gdpr_consent= https://sync.targeting.unrulymedia.com/csync/RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-dc67583e-d8ea-42d7-832e-672... https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003	49 B 938 B	39ms 38ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:52 GMT Server Tengine ETag RXdc67583ed8ea42d7832e67208cfd5a23003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-dc67583e-d8ea-42d7-832e-67208cfd5a23-003 Connection keep-alive Content-Type text/html
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=83956026-43c3-4200-a624-eddb0ee69e0e	49 B 931 B	117ms 38ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=83956026-43c3-4200-a624-eddb0ee69e0e Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 12 Feb 2021 09:00:51 GMT Server MT3 3518 2f03077 master cdg-pixel-x11 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=83956026-43c3-4200-a624-eddb0ee69e0e Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 12 Feb 2021 09:00:50 GMT
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://p.rfihub.com/cm?pub=35683&in=1 https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827868498763756	49 B 914 B	123ms 41ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827868498763756 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Location https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827868498763756 Server Jetty(9.0.6.v20130930) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8898	42 B 725 B	69ms 55ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSd3Fk_y6y1tpSUbo-XjEVHfcybm021Vrv5BBv045tIn684sJTdg-mOTcWAyEe3_BM1Tw6J8uRzWc3dmuw523aXcaCdYIpsTTZ4HcNSvg&sig=Cg0ArKJSzLO7sYgcKmk-EAE&id=osdim&mcvt=1004&p=180,2244,430,2544&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210210&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3694741796&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1613120449354&dlt=0&rpt=1034&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame CFDA	0 749 B	28ms 27ms	Script text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/dmp/async_usersync.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:51 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.254:80 AN-X-Request-Uuid 2be63409-699b-4c54-9f5c-e7bf9fdccae3 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame B925	0 748 B	47ms 46ms	Script text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/dmp/async_usersync.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:51 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.81:80 AN-X-Request-Uuid 4134b2a1-83bb-4011-b1a2-67de8301ea67 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame D64B	70 B 264 B	51ms 46ms	Image image/gif	52.49.114.167 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-114-167.eu-west-1.compute.amazonaws.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	xuid eb2.3lift.com/ Frame D64B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1	37 B 352 B	28ms 27ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame D64B Redirect Chain https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D	170 B 190 B	17ms 17ms	Image image/png	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D date Fri, 12 Feb 2021 09:00:51 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	c.gif c.bing.com/ Frame D64B	42 B 415 B	34ms 29ms	Image image/gif	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?xid=3000524416463435143&Red3=TLMS_pd Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT etag "118072d82dfbd61:0" last-modified Thu, 04 Feb 2021 19:42:17 GMT x-msedge-ref Ref A: 656E72C13599493E8421793968090998 Ref B: FRAEDGE1220 Ref C: 2021-02-12T09:00:51Z x-powered-by ASP.NET p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42
GET H2	200	xuid eb2.3lift.com/ Frame D64B Redirect Chain https://pr-bh.ybp.yahoo.com/sync/triplelift/3000524416463435143?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883	37 B 352 B	28ms 27ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers date Fri, 12 Feb 2021 09:00:52 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame D64B Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent=	37 B 352 B	28ms 27ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.152:80 AN-X-Request-Uuid e15494aa-723f-49f5-9522-1f96660e37a2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	iu3 s.amazon-adsystem.com/ Frame D64B Redirect Chain https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3000524416463435143 https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t	0 0	118ms 118ms	Image text/html	52.46.130.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server Server Vary User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame D64B Redirect Chain https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1	37 B 139 B	27ms 26ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers Location https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 95 Content-Type text/html; charset=utf-8
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame D64B	0 0	80ms 34ms	Image text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3000524416463435143 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame D64B	0 0	81ms 28ms	Image text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3000524416463435143 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	200 OK	async_usersync Show response secure.adnxs.com/ Frame 40A8	0 748 B	30ms 26ms	Script text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/async_usersync?cbfn=AN_async_load Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:51 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80 AN-X-Request-Uuid db5c3996-ef19-4747-a299-3f88640c4a5e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame A26A	70 B 264 B	49ms 46ms	Image image/gif	52.49.114.167 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-114-167.eu-west-1.compute.amazonaws.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	xuid eb2.3lift.com/ Frame A26A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1	37 B 352 B	28ms 27ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDra7kPUfc0ztXknVqSFGAQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame A26A Redirect Chain https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D	170 B 224 B	16ms 16ms	Image image/png	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAwMDUyNDQxNjQ2MzQzNTE0Mw%3D%3D date Fri, 12 Feb 2021 09:00:51 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	c.gif c.bing.com/ Frame A26A	42 B 245 B	32ms 30ms	Image image/gif	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?xid=3000524416463435143&Red3=TLMS_pd Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:51 GMT etag "118072d82dfbd61:0" last-modified Thu, 04 Feb 2021 19:42:17 GMT x-msedge-ref Ref A: 4A2D20D589994C0FAA58A0C8E6E77DEA Ref B: FRAEDGE1220 Ref C: 2021-02-12T09:00:51Z x-powered-by ASP.NET p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42
GET H2	200	xuid eb2.3lift.com/ Frame A26A Redirect Chain https://pr-bh.ybp.yahoo.com/sync/triplelift/3000524416463435143?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883	37 B 352 B	28ms 28ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers date Fri, 12 Feb 2021 09:00:52 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://eb2.3lift.com/xuid?mid=2662&xuid=y-D5d_0891lwORsinxrzUeCy_3u3P0fiTtAGQTmksKfw--&dongle=0883 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame A26A Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent=	37 B 352 B	30ms 29ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.46:80 AN-X-Request-Uuid a792cce1-e451-4f6f-af57-1a5eeff718c7 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eb2.3lift.com/xuid?mid=3335&xuid=5433066005356494175&dongle=4d58&gdpr=1&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	iu3 s.amazon-adsystem.com/ Frame A26A Redirect Chain https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3000524416463435143 https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t	0 0	124ms 123ms	Image text/html	52.46.130.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Server Server Vary User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3000524416463435143&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame A26A Redirect Chain https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1	37 B 139 B	26ms 25ms	Image image/gif	18.157.239.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.239.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-239-120.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Feb 2021 09:00:52 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers Location https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 95 Content-Type text/html; charset=utf-8
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame A26A	0 0	80ms 29ms	Image text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3000524416463435143 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame A26A	0 0	81ms 28ms	Image text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3000524416463435143 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/sync?&ld=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	200 OK	async_usersync Show response secure.adnxs.com/ Frame A83C	0 749 B	82ms 30ms	Script text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/async_usersync?cbfn=AN_async_load Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.105:80 AN-X-Request-Uuid d5a34b2a-ac08-4461-b600-c49018aa2e4a Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0677	42 B 89 B	39ms 38ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqRr7QDC1VQeJZWJ5DbfyeLt5GRAsGwRkAlVtEl8SdqZ7Ho0WF335rPt4zLjxjm5f2iqUk5-BSqZsDOnxEQrW4j2UOiVeQMrIFdXutfco&sig=Cg0ArKJSzC2PCx77ZlYTEAE&id=osdim&mcvt=1001&p=1496,872,1586,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210210&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=42115649&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1613120449355&dlt=0&rpt=997&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/app User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Feb 2021 09:00:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame CFDA	0 749 B	29ms 29ms	Script text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/dmp/async_usersync.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.150:80 AN-X-Request-Uuid 53c2e582-581a-463f-adbd-800ae2af16c3 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame B925	0 748 B	27ms 27ms	Script text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/dmp/async_usersync.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Feb 2021 09:00:52 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.56:80 AN-X-Request-Uuid faec551a-b06e-4434-9099-e9073f8db2a8 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dmx.districtm.io

URL

https://dmx.districtm.io/b/v1

Domain

dmx.districtm.io

URL

https://dmx.districtm.io/b/v1