urlscan.io logo urlscan.io
SecurityTrails logo

tinyurl.com Open in urlscan Pro
2400:cb00:2048:1::6814:db2a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tinyurl.com/ycuqnug6
Effective URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Submission: On September 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 19 domains to perform 51 HTTP transactions. The main IP is 2400:cb00:2048:1::6814:db2a, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is tinyurl.com.
This is the only time tinyurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2400:cb00:204... 13335 (CLOUDFLAR...)
2 52.84.125.197 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.21.246.19 20940 (AKAMAI-ASN1)
2 2600:9000:201... 16509 (AMAZON-02)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 95.172.94.20 15570 (Internap ...)
3 2a00:1450:400... 15169 (GOOGLE)
3 216.58.206.2 15169 (GOOGLE)
6 52.214.67.47 16509 (AMAZON-02)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 178.250.0.74 44788 (ASN-CRITE...)
3 52.210.135.136 16509 (AMAZON-02)
1 95.172.94.27 27281 (QUANTCAST)
2 152.163.66.131 1668 (AOL-ATDN)
1 34.250.84.5 16509 (AMAZON-02)
1 169.55.70.227 36351 (SOFTLAYER)
4 185.33.223.218 29990 (ASN-APPNEXUS)
1 54.219.152.80 16509 (AMAZON-02)
1 95.101.241.61 16625 (AKAMAI-AS)
1 178.250.0.93 44788 (ASN-CRITE...)
4 52.208.47.127 16509 (AMAZON-02)
2 52.212.134.99 16509 (AMAZON-02)
1 74.117.199.102 2762 (ADIFY-1)
2 2a00:1450:400... 15169 (GOOGLE)
51 27
1    2400:cb00:2048:1::6814:db2a (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
tinyurl.com
2    52.84.125.197 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-125-197.iad16.r.cloudfront.net
tags-cdn.deployads.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:400c:c04::9b (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
stats.g.doubleclick.net
1    2.21.246.19 (Austria)

ASN20940 (AKAMAI-ASN1, US)
edge.quantserve.com
2    2600:9000:201c:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    95.172.94.20 (United Kingdom)

ASN15570 (Internap European Autonomous System, GB)
PTR: pixel.quantserve.com
pixel.quantserve.com
3    2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.googletagservices.com
pagead2.googlesyndication.com
3    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s20-in-f2.1e100.net
securepubads.g.doubleclick.net
6    52.214.67.47 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
e.deployads.com
1    2400:cb00:2048:1::6814:ff3 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
prebid.districtm.ca
1    178.250.0.74 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: static.criteo.net
static.criteo.net
3    52.210.135.136 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-135-136.eu-west-1.compute.amazonaws.com
c.deployads.com
1    95.172.94.27 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
PTR: pixel.quantserve.com
pixel.quantserve.com
2    152.163.66.131 (United States)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtechus-ads-adtech-mtc-blue-a.evip.aol.com
adserver.adtechus.com
1    34.250.84.5 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-84-5.eu-west-1.compute.amazonaws.com
apex.go.sonobi.com
1    169.55.70.227 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: e3.46.37a9.ip4.static.sl-reverse.com
ap.lijit.com
4    185.33.223.218 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
ib.adnxs.com
1    54.219.152.80 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-219-152-80.us-west-1.compute.amazonaws.com
ht.c1exchange.com
1    95.101.241.61 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-241-61.deploy.akamaitechnologies.com
tags.bluekai.com
1    178.250.0.93 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    52.208.47.127 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-47-127.eu-west-1.compute.amazonaws.com
sync.go.sonobi.com
2    52.212.134.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-134-99.eu-west-1.compute.amazonaws.com
sync.go.sonobi.com
1    74.117.199.102 (San Bruno, United States)

ASN2762 (ADIFY-1 - ADIFY CORPORATION, US)
ad.afy11.net
2    2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
tpc.googlesyndication.com
Domain Requested by
6 sync.go.sonobi.com
6 e.deployads.com tags-cdn.deployads.com
4 ib.adnxs.com tags-cdn.deployads.com
3 c.deployads.com tags-cdn.deployads.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
tinyurl.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tags-cdn.deployads.com
2 adserver.adtechus.com
2 pixel.quantserve.com tinyurl.com
2 rules.quantcount.com edge.quantserve.com
2 stats.g.doubleclick.net tinyurl.com
2 connect.facebook.net tinyurl.com
connect.facebook.net
2 tags-cdn.deployads.com tinyurl.com
tags-cdn.deployads.com
1 ad.afy11.net
1 bidder.criteo.com static.criteo.net
1 tags.bluekai.com
1 ht.c1exchange.com tags-cdn.deployads.com
1 ap.lijit.com tags-cdn.deployads.com
1 apex.go.sonobi.com tags-cdn.deployads.com
1 static.criteo.net tags-cdn.deployads.com
1 prebid.districtm.ca tags-cdn.deployads.com
1 www.googletagservices.com tags-cdn.deployads.com
1 www.facebook.com tinyurl.com
1 edge.quantserve.com tinyurl.com
1 tinyurl.com
51 25

This site contains no links.

Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2017-09-01 -
2017-11-24		 3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G2		 2017-08-15 -
2017-11-07		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://tinyurl.com/nospam.php?id=ycuqnug6
Frame ID: 17892.1
Requests: 47 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html
Frame ID: 17892.4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170830/r20110914/activeview/osd_listener.js
Frame ID: 17892.2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /adnxs\.(?:net|com)/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /edge\.quantserve\.com\/quant\.js/i

Page Statistics

51
Requests

18 %
HTTPS

31 %
IPv6

19
Domains

25
Subdomains

27
IPs

6
Countries

265 kB
Transfer

752 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 2
  • http://stats.g.doubleclick.net/dc.js
  • https://stats.g.doubleclick.net/dc.js
Request 5
  • http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.6.7dc&utms=1&utmn=136868250&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.c...
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.6.7dc&utms=1&utmn=136868250&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL....
Request 12
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fe.deployads.com%2Fe%2Fum.js%3Fapn%3D%24UID%26uid%3Dj77o2r5sxrj98e
  • http://e.deployads.com/e/um.js?apn=324018138635868196&uid=j77o2r5sxrj98e
Request 16
  • http://x.bidswitch.net/sync?dsp_id=140&user_id=bc663e00-b43d-4508-befa-dbd0f565ff06&expires=14&ssp=sortable
  • http://c.deployads.com/cs/bswt?b=5b0a820a-2201-42f3-875e-76e13947ec13&i=
Request 18
  • http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
  • http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
Request 26
  • http://tags.bluekai.com/site/25545?id=79CCBF19622B4F019A03F3D643E3AC8C
  • http://tags.bluekai.com/site/25545?dt=0&r=1335785423&sig=3157540328&bkca=KJpnEnWN+lHt57/p+exp17/0zE1y+cx61cRp5MWp1URN57utz9R9ZIR/V9==
Request 31
  • http://x.bidswitch.net/sync?dsp_id=126&user_id=fc436c0944d64be8da85c587360fd660&expires=14&ssp=sonobi
  • http://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5b0a820a-2201-42f3-875e-76e13947ec13
Request 32
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1
  • http://sync.go.sonobi.com/us.gif?nw=td&nuid=8b40eaf3-448f-4726-b089-2208f535604a
Request 33
  • http://bh.contextweb.com/bh/rtset?do=add&pid=561191&ev=32b8c59f-9243-11e7-9051-02b7ca37b73c&daaqp=1&rurl=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • http://sync.go.sonobi.com/us.gif?nw=pp&nuid=hldWRwGXr7eZ
Request 34
  • http://ib.adnxs.com/getuid?http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=324018138635868196
Request 36
  • http://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]&mm_bnc&mm_bct
  • http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3eda59af-af09-4200-818d-df820ed9a990
Request 37
  • http://sync.rhythmxchange.com/usersync2/sonobi
  • http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nospam.php
tinyurl.com/
Redirect Chain
  • http://tinyurl.com/ycuqnug6
  • http://tinyurl.com/nospam.php?id=ycuqnug6
 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6814:db2a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
a7cc434e43ffd6b04914bd467f0f3b4695d1979f38cf7de3b685179e1d7349a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Content-Encoding
gzip
Server
cloudflare-nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Edge-control
!no-store,max-age=20m
Connection
keep-alive
CF-RAY
3999bd9204b86403-FRA

Redirect headers

Date
Tue, 05 Sep 2017 14:04:55 GMT
Server
cloudflare-nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
http://tinyurl.com/nospam.php?id=ycuqnug6
Cache-Control
max-age=3600
Connection
keep-alive
CF-RAY
3999bd8f430c6403-FRA
tinyurl.com.js
tags-cdn.deployads.com/a/ 		213 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags-cdn.deployads.com/a/tinyurl.com.js
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
HTTP/1.1
Server
52.84.125.197 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-125-197.iad16.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
cae125f5c297694c315f97f8de448c7f092be5ff520e8524ede3932592a0b91a

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
public
Date
Tue, 05 Sep 2017 13:57:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2017 13:57:11 UTC
Server
nginx/1.6.2
Age
465
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript;charset=ISO-8859-1
Via
1.1 6a92abdb70a2bb8aa8219da02812b826.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, public
Connection
keep-alive
X-Amz-Cf-Id
PFwITUNHifA8Ewvd-UrBJnvVjvY0olpZV13q6iAm1mMA9F7VSz2eyA==
Expires
Tue, 05 Sep 2017 14:27:11 UTC
fbevents.js
connect.facebook.net/en_US/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2abe861caf51ab1391dbb25a2cc08c44009818a403a6ecbf47af715a1d85a247
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
11294
x-xss-protection
0
pragma
public
x-fb-debug
ioXY/gAY4sWd8bvVhVtxmIxfg3k5zU2mq98tdESG8iXfwaiZQxd+Cr0eCla+jvHz4Tvp2e3xty4//Yj5wMVODw==
x-frame-options
DENY
date
Tue, 05 Sep 2017 14:04:56 GMT
strict-transport-security
max-age=15552000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc.js
stats.g.doubleclick.net/
Redirect Chain
  • http://stats.g.doubleclick.net/dc.js
  • https://stats.g.doubleclick.net/dc.js
 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c04::9b , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b399e0631bb16bf6fb1f596c1c16158f3a31e43409d8d2d39fb8f1a8d981885f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2017 01:11:09 GMT
server
Golfe2
age
299
date
Tue, 05 Sep 2017 13:59:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="40,39,38,37,35"
content-length
15977
expires
Tue, 05 Sep 2017 15:59:57 GMT

Redirect headers

Location
https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason
HSTS
quant.js
edge.quantserve.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
HTTP/1.1
Server
2.21.246.19 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
0356044214bfbedb4744e88e7b07a853ac4fa09bb7381832e48886d6d4b7096e

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 May 2017 20:26:55 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5458
Expires
Wed, 06 Sep 2017 14:04:56 GMT
rules-p-85Tqni4j2acvI.js
rules.quantcount.com/ 		3 B
3 B 		Script
General
Check archive.org
Download Go to
Full URL
http://rules.quantcount.com/rules-p-85Tqni4j2acvI.js
Requested by
Host: edge.quantserve.com
URL: http://edge.quantserve.com/quant.js
Protocol
HTTP/1.1
Server
2600:9000:201c:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 10 Apr 2017 16:01:23 GMT
Via
1.1 2ee0fe9a0480e5e9a23a7364903f489e.cloudfront.net (CloudFront)
Last-Modified
Sat, 04 Mar 2017 20:11:37 GMT
Server
AmazonS3
Age
4998
ETag
"8a80554c91d9fca8acb82f023de02f11"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3
X-Amz-Cf-Id
l5pnntvE3uJ6MgonLeVyx6SW7ngWbSQZpbUNhH3vMRqNfD4Xxi9KIQ==
__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain
  • http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.6.7dc&utms=1&utmn=136868250&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.c...
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.6.7dc&utms=1&utmn=136868250&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL....
 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.6.7dc&utms=1&utmn=136868250&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.com%20-%20where%20tiny%20is%20better!&utmhid=621961219&utmr=-&utmp=%2Fnospam.php%3Fid%3Dycuqnug6&utmht=1504620296364&utmac=UA-6779119-1&utmcc=__utma%3D224967455.2000449249.1504620296.1504620296.1504620296.1%3B%2B__utmz%3D224967455.1504620296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1659853408&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c04::9b , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Sep 2017 14:04:56 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="40,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.6.7dc&utms=1&utmn=136868250&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.com%20-%20where%20tiny%20is%20better!&utmhid=621961219&utmr=-&utmp=%2Fnospam.php%3Fid%3Dycuqnug6&utmht=1504620296364&utmac=UA-6779119-1&utmcc=__utma%3D224967455.2000449249.1504620296.1504620296.1504620296.1%3B%2B__utmz%3D224967455.1504620296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1659853408&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
196261077476671
connect.facebook.net/signals/config/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/196261077476671?v=2.7.21
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a8b5998e874374de154ec6bc5c6bcda5047a2d6e7e96c3ff03bdf6a46e8ce4c9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
12264
x-xss-protection
0
pragma
public
x-fb-debug
PVJCCPL0MmdBQE88YKyV/4/SsHEsTyUtuz/EfcygpiyBFkCeOu9lv5ImgChPorwhSKj1xdOqwarkcRZe/TVyAQ==
x-frame-options
DENY
date
Tue, 05 Sep 2017 14:04:56 GMT
strict-transport-security
max-age=15552000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=196261077476671&ev=PageView&dl=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&rl=&if=false&ts=1504620296389&v=2.7.21&ec=0&o=28&it=1504620296376
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Tue, 05 Sep 2017 14:04:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 05 Sep 2017 14:04:56 GMT
pixel;r=1312339118;rf=0;a=p-85Tqni4j2acvI;url=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6;fpan=1;fpa=P0-2074956934-1504620296514;ns=0;ce=1;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=150...
pixel.quantserve.com/ 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.quantserve.com/pixel;r=1312339118;rf=0;a=p-85Tqni4j2acvI;url=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6;fpan=1;fpa=P0-2074956934-1504620296514;ns=0;ce=1;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1504620296514;tzo=0;ogl=
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
HTTP/1.1
Server
95.172.94.20 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS
pixel.quantserve.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
dbbd6ab5e01c9b41ded2f56ba9a82537d4aaf54af50ce30b98a5b8feb0471804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Sep 2017 15:57:34 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2830
X-XSS-Protection
1; mode=block
Expires
Tue, 05 Sep 2017 14:04:56 GMT
tinyurl.com.js
tags-cdn.deployads.com/im/ 		3 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://tags-cdn.deployads.com/im/tinyurl.com.js?s=tinyurl.com&c=DE&u=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&cu=j77o2r5sxrj98e&_=j77o2r62h9a1sj
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.84.125.197 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-125-197.iad16.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
193f6a233f91c4b129e90a04d6d005fd5885979960cd924df61d258ed7007fb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Jan 2004 06:25:00 UTC
Server
nginx/1.6.2
Age
1030935
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
text/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin
http://tinyurl.com
Cache-Control
max-age=0, private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Amz-Cf-Id
VxghNxTke-eRY8pljh-sxRVUmYLn94R2srrbRU6Rp9DkGc5QX6fRDw==
Via
1.1 6a92abdb70a2bb8aa8219da02812b826.cloudfront.net (CloudFront)
Expires
Sat, 15 Jan 2000 08:00:00 UTC
pubads_impl_147.js
securepubads.g.doubleclick.net/gpt/ 		203 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
6d8fbc7f6dc806a2e9c82eb2aaa996fcd4888a25dde01c8487c7a425c023bf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 04 Sep 2017 09:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101394
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
72677
x-xss-protection
1; mode=block
last-modified
Mon, 28 Aug 2017 21:04:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Sep 2018 09:55:02 GMT
um.js
e.deployads.com/e/
Redirect Chain
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fe.deployads.com%2Fe%2Fum.js%3Fapn%3D%24UID%26uid%3Dj77o2r5sxrj98e
  • http://e.deployads.com/e/um.js?apn=324018138635868196&uid=j77o2r5sxrj98e
 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://e.deployads.com/e/um.js?apn=324018138635868196&uid=j77o2r5sxrj98e
Protocol
HTTP/1.1
Server
52.214.67.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Last-Modified
Sat, 19 Jan 2004 06:25:00 UTC
Server
nginx/1.6.2
Age
1030935
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 15 Jan 2000 08:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:58 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.215:80
AN-X-Request-Uuid
96a67d5c-6ba8-44b5-849e-daa757828a64
Server
nginx/1.11.5
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://e.deployads.com/e/um.js?apn=324018138635868196&uid=j77o2r5sxrj98e
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
lib.js
prebid.districtm.ca/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://prebid.districtm.ca/lib.js
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6814:ff3 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
0b62414609a0cdbcbdced121039e5f7fd10816e7feffd81e123952e9aafda336

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 02 May 2017 19:07:28 GMT
Server
cloudflare-nginx
x-amz-request-id
BEA419517AC74C6F
ETag
W/"84a6207e99be97c20b06572d473d504c"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=28800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3999bd97507c6379-FRA
x-amz-id-2
NyKmob3IeM3rQfmRSVCDlZbhaH+xQYqlm3TVawfYvm8PUYjcp851bPjOfTd5IeLwLZ4Yla+6Yhg=
Expires
Tue, 05 Sep 2017 22:04:56 GMT
publishertag.js
static.criteo.net/js/ld/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.js
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
178.250.0.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
static.criteo.net
Software
nginx /
Resource Hash
41c4161146ad2423c111322cd8e3a9517e3a3df87d5cab6f52e6c8bf789942a4

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
W/"599e925b-cc7b"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Wed, 06 Sep 2017 14:04:56 GMT
rules-p-N04C2m09Yy8f8.js
rules.quantcount.com/ 		3 B
3 B 		Script
General
Check archive.org
Download Go to
Full URL
http://rules.quantcount.com/rules-p-N04C2m09Yy8f8.js
Requested by
Host: edge.quantserve.com
URL: http://edge.quantserve.com/quant.js
Protocol
HTTP/1.1
Server
2600:9000:201c:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Sun, 05 Mar 2017 19:10:22 GMT
Via
1.1 2ee0fe9a0480e5e9a23a7364903f489e.cloudfront.net (CloudFront)
Last-Modified
Sat, 04 Mar 2017 20:30:52 GMT
Server
AmazonS3
Age
20014
ETag
"8a80554c91d9fca8acb82f023de02f11"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3
X-Amz-Cf-Id
PjtzgplrptFUiMYjayEDKT1EfsBEvjYC16rNQaRO1xXfKlCGV8E5Uw==
bswt
c.deployads.com/cs/
Redirect Chain
  • http://x.bidswitch.net/sync?dsp_id=140&user_id=bc663e00-b43d-4508-befa-dbd0f565ff06&expires=14&ssp=sortable
  • http://c.deployads.com/cs/bswt?b=5b0a820a-2201-42f3-875e-76e13947ec13&i=
 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://c.deployads.com/cs/bswt?b=5b0a820a-2201-42f3-875e-76e13947ec13&i=
Protocol
HTTP/1.1
Server
52.210.135.136 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-135-136.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Cache-Control
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
SortableCactus/1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//c.deployads.com/cs/bswt?b=5b0a820a-2201-42f3-875e-76e13947ec13&i=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
pixel;r=168557247;labels=represented.tinyurl_llc.tinyurl_com;rf=3;a=p-N04C2m09Yy8f8;url=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6;fpan=0;fpa=P0-2074956934-1504620296514;ns=0;ce=1;cm=;re...
pixel.quantserve.com/ 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.quantserve.com/pixel;r=168557247;labels=represented.tinyurl_llc.tinyurl_com;rf=3;a=p-N04C2m09Yy8f8;url=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6;fpan=0;fpa=P0-2074956934-1504620296514;ns=0;ce=1;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1504620296846;tzo=0;ogl=
Protocol
HTTP/1.1
Server
95.172.94.27 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
pixel.quantserve.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
QS
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
close
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/
Redirect Chain
  • http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
  • http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
Protocol
HTTP/1.1
Server
152.163.66.131 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS
adtechus-ads-adtech-mtc-blue-a.evip.aol.com
Software
nginx /
Resource Hash

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx
Access-Control-Allow-Origin
http://tinyurl.com
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
P3P
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location
http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx
Access-Control-Allow-Origin
http://tinyurl.com
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
P3P
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location
http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 15 Jun 1998 00:00:00 GMT
trinity.js
apex.go.sonobi.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://apex.go.sonobi.com/trinity.js?key_maker={%22div-gpt-ad-No_Spam_Top%22:%22c82cad7ae992641e6a2b%22,%22div-gpt-ad-No_Spam_Bottom%22:%22fac7e1edfb0e9402511c%22}&cv=sonobi_request_callbackj77o2rbe868w32&s=361
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
34.250.84.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-84-5.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
8b39ae89173a8baca538f477d91665a00d99b4ca60236c4c4ac10c1ceee52d3a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Content-Encoding
gzip
Server
nginx/1.4.6 (Ubuntu)
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-dub-1-6-208
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private, no-cache="set-cookie"
Tcn
Choice
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1373
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		87 B
117 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ap.lijit.com/rtb/bid?callback=sovrn_request_callback_j77o2rbelrdg3w&br={%22id%22:%22j77o2rbev9lk21%22,%22site%22:{%22domain%22:%22tinyurl.com%22,%22page%22:%22%2Fnospam.php%3Fid%3Dycuqnug6%22},%22imp%22:[{%22id%22:%221%22,%22banner%22:{%22w%22:728,%22h%22:90},%22tagid%22:307636,%22bidfloor%22:0.24},{%22id%22:%222%22,%22banner%22:{%22w%22:970,%22h%22:250},%22tagid%22:327901,%22bidfloor%22:0.24}]}
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
e3.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
7c20d9fee0c16095277dfa27aaa7371d10c7ef6519524030eae87caa51f1225b

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:57 GMT
Content-Encoding
gzip
LJT_ERROR
[]
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod
ap3iad1
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jpt
ib.adnxs.com/ 		53 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ib.adnxs.com/jpt?psa=0&id=11910765&size=728x90&pmp=1&referrer=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&reserve=0.24&sr=740&callback=an_cb_j77o2rbfugjydk
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
d43f1ca18e8eac662ad8335332ab58da22c316f3c587d358cf84c2a4dfd3ea24
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:58 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.136:80
AN-X-Request-Uuid
d9af0bac-c5be-4561-af5e-0276124e93fc
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
ib.adnxs.com/ 		53 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ib.adnxs.com/jpt?psa=0&id=11910767&size=970x250&pmp=1&referrer=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&reserve=0.24&sr=740&callback=an_cb_j77o2rbgbivh67
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
96f7d9bfd7c761f515248f4edfb079184bb1a976b6d90a74344d0225357bb8ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:58 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.216:80
AN-X-Request-Uuid
ff99a79f-c797-4041-b369-82d78689ca85
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
ib.adnxs.com/ 		53 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ib.adnxs.com/jpt?psa=0&id=11406533&size=728x90&pmp=1&referrer=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&reserve=0.24&callback=df_cb_j77o2rbgmabdfl
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
db10e50b979ae9ef618e797f03e7c84b58be1c6226db102deefbef8adac1d267
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:58 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.212:80
AN-X-Request-Uuid
6d13332b-ac29-43af-81b4-99dcb9f53bb6
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
ib.adnxs.com/ 		53 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ib.adnxs.com/jpt?psa=0&id=11406545&size=970x250&pmp=1&referrer=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&reserve=0.24&callback=df_cb_j77o2rbgi8y0f7
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
823a43f632a63b464b82e87e5fbcfe58cb00e64b5333bb2cf30aff0d307f722a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:58 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid
4a642352-dc88-45ee-9a27-ca9bb25fcf12
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ht
ht.c1exchange.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ht.c1exchange.com/ht?site=16380&adunits=2&a1=No_Spam_Top&a1s=[728x90]&a2=No_Spam_Bottom&a2s=[970x250]&rid=1504620296909
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
54.219.152.80 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-219-152-80.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
467e16e86d494d84a1ce37c7c9c1fd3aaec996ff631168b85360be07d2963424

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

X-RID
9f4e63d5-b1e7-4bed-ac2b-0ef9c7e26aaa
Connection
keep-alive
Content-Length
1623
Content-Type
application/javascript
25545
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/25545?id=79CCBF19622B4F019A03F3D643E3AC8C
  • http://tags.bluekai.com/site/25545?dt=0&r=1335785423&sig=3157540328&bkca=KJpnEnWN+lHt57/p+exp17/0zE1y+cx61cRp5MWp1URN57utz9R9ZIR/V9==
 		62 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tags.bluekai.com/site/25545?dt=0&r=1335785423&sig=3157540328&bkca=KJpnEnWN+lHt57/p+exp17/0zE1y+cx61cRp5MWp1URN57utz9R9ZIR/V9==
Protocol
HTTP/1.1
Server
95.101.241.61 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-241-61.deploy.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:59 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
a401
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location
http://tags.bluekai.com/site/25545?dt=0&r=1335785423&sig=3157540328&bkca=KJpnEnWN+lHt57/p+exp17/0zE1y+cx61cRp5MWp1URN57utz9R9ZIR/V9==
Date
Tue, 05 Sep 2017 14:04:59 GMT
Connection
keep-alive
Content-Length
0
BK-Server
5561
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
tinyurl.com
e.deployads.com/e/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.214.67.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
2
Content-Type
text/plain;charset=UTF-8
cdb
bidder.criteo.com/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
http://bidder.criteo.com/cdb?ptv=24&profileId=125&cb=61183954504
Requested by
Host: static.criteo.net
URL: http://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Server
178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
http://tinyurl.com
Date
Tue, 05 Sep 2017 14:04:56 GMT
X-Cnection
close
Access-Control-Allow-Credentials
true
Server
Finatra
Content-Length
0
Vary
Origin
start
c.deployads.com/ 		137 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.deployads.com/start
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.210.135.136 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-135-136.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
1b65867a4610026ee1667231e7dc85e5adca4e4adcc5ec5ce40e8fdc84fae733

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
SortableCactus/1.0
Access-Control-Allow-Origin
http://tinyurl.com
Content-Type
application/json
Location
http://c.deployads.com/a/cew-7/lzpifqpmrov4kutau4efe4xrpxchmcj7
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Length
137
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://adserver.adtechus.com/pubapi/3.0/10217.1/3695260/0/-1/ADTECH;cfp=1;rndc=1504620296;cmd=bid;alias=j77o2rbd1dycmw;misc=1504620296905;cors=yes
Protocol
HTTP/1.1
Server
152.163.66.131 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS
adtechus-ads-adtech-mtc-blue-a.evip.aol.com
Software
Adtech Adserver /
Resource Hash
65b099dff538b929972f66dde6f6d107e65736bde8c807e133705b2866f9276c

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
c5c575b8-7d1a-4b88-a795-cf87f6ca0844
Origin
http://tinyurl.com
Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
Adtech Adserver
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
P3P
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
http://tinyurl.com
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2118
Expires
Mon, 15 Jun 1998 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://x.bidswitch.net/sync?dsp_id=126&user_id=fc436c0944d64be8da85c587360fd660&expires=14&ssp=sonobi
  • http://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5b0a820a-2201-42f3-875e-76e13947ec13
 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5b0a820a-2201-42f3-875e-76e13947ec13
Protocol
HTTP/1.1
Server
52.208.47.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-47-127.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5b0a820a-2201-42f3-875e-76e13947ec13
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1
  • http://sync.go.sonobi.com/us.gif?nw=td&nuid=8b40eaf3-448f-4726-b089-2208f535604a
 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.go.sonobi.com/us.gif?nw=td&nuid=8b40eaf3-448f-4726-b089-2208f535604a
Protocol
HTTP/1.1
Server
52.208.47.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-47-127.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location
http://sync.go.sonobi.com/us.gif?nw=td&nuid=8b40eaf3-448f-4726-b089-2208f535604a
Cache-Control
private,no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Content-Length
191
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://bh.contextweb.com/bh/rtset?do=add&pid=561191&ev=32b8c59f-9243-11e7-9051-02b7ca37b73c&daaqp=1&rurl=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • http://sync.go.sonobi.com/us.gif?nw=pp&nuid=hldWRwGXr7eZ
 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.go.sonobi.com/us.gif?nw=pp&nuid=hldWRwGXr7eZ
Protocol
HTTP/1.1
Server
52.212.134.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-134-99.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private, no-cache="set-cookie"
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 05 Sep 2017 14:04:57 GMT
Via
1.1 varnish
Server
Jetty(9.2.22.v20170606)
P3P
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Transfer-Encoding
chunked
X-Cache
MISS
Content-Language
en-US
Location
http://sync.go.sonobi.com/us.gif?nw=pp&nuid=hldWRwGXr7eZ
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
X-Cache-Hits
0
Connection
keep-alive
Accept-Ranges
bytes
CW-Server
ams-bh00
X-Served-By
cache-hhn1524-HHN
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://ib.adnxs.com/getuid?http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=324018138635868196
 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=324018138635868196
Protocol
HTTP/1.1
Server
52.208.47.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-47-127.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private, no-cache="set-cookie"
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:59 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.167:80
AN-X-Request-Uuid
8d8f998b-1632-4d01-99fc-718ee52c3d97
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=324018138635868196
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ad
ad.afy11.net/ 		45 B
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.afy11.net/ad?mode=10&sspid=2585
Protocol
HTTP/1.1
Server
74.117.199.102 San Bruno, United States, ASN2762 (ADIFY-1 - ADIFY CORPORATION, US),
Reverse DNS
Software
Microsoft-IIS/8.5, AdifyServer / ASP.NET
Resource Hash
f11f9e7a7b43ec2de3ea9137553669010def8299f808b5e4348db56f6b050982

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 14:04:56 GMT
Last-Modified
Sat, 1 Jan 2000 01:01:00 GMT
Server
Microsoft-IIS/8.5, AdifyServer
X-Powered-By
ASP.NET
P3P
policyref="http://ad.afy11.net/privacy.xml", CP=" NOI DSP NID ADMa DEVa PSAa PSDa OUR OTRa IND COM NAV STA OTC"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
45
Expires
Sat, 1 Jan 2000 01:01:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]&mm_bnc&mm_bct
  • http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3eda59af-af09-4200-818d-df820ed9a990
 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3eda59af-af09-4200-818d-df820ed9a990
Protocol
HTTP/1.1
Server
52.212.134.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-134-99.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
MT3 1.15.13.2 f52de02 master zrh-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3eda59af-af09-4200-818d-df820ed9a990
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 05 Sep 2017 14:04:56 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://sync.rhythmxchange.com/usersync2/sonobi
  • http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
 		49 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
Protocol
HTTP/1.1
Server
52.208.47.127 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-47-127.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:56 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx
ETag
OPTOUT
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Expires
0
tinyurl.com
e.deployads.com/e/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.214.67.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
2
Content-Type
text/plain;charset=UTF-8
tinyurl.com
e.deployads.com/e/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.214.67.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
2
Content-Type
text/plain;charset=UTF-8
lzpifqpmrov4kutau4efe4xrpxchmcj7
c.deployads.com/a/cew-7/ 		11 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.deployads.com/a/cew-7/lzpifqpmrov4kutau4efe4xrpxchmcj7
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.210.135.136 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-135-136.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
SortableCactus/1.0
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://tinyurl.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=494077231479913&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=108809107%2C108809154%2C21060003%2C21060922%2C21060875%2C21060878&sc=0&sfv=1-0-10&iu_parts=1966186%2CPub_tinyurl.com_728x90_6%2CPub_tinyurl.com_970x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C970x250&prev_scp=u%3Db5%26r%3D1473%26bf%3Dka%26s%3D0%26bs%3D728x90%26b%3D479%26v%3D1%7Cu%3Db5%26r%3D1473%26bf%3Dka%26s%3D0%26v%3D1&cust_params=ab%3DU%26pm%3D1%26at%3D0%26pt%3Dnospam.php&cookie_enabled=1&abxe=1&lmt=1504620297&dt=1504620297670&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C315&adys=8%2C457&adks=2542020117%2C4209631836&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftinyurl.com%2Fnospam.php%3Fid%3Dycuqnug6&dssz=26&icsg=365073793056&mso=32&std=0&vrg=147&vis=1&ga_vid=2000449249.1504620296&ga_sid=1504620296&ga_hid=621961219&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
41bb437e7111f7b20bd9d1b40b0109d384ecb5a70badccbd172c68ba3def7136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com

Response headers

date
Tue, 05 Sep 2017 14:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
3518
x-xss-protection
1; mode=block
google-lineitem-id
183514476,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
107216172516,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://tinyurl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-10/html/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 04 Sep 2017 10:06:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Jul 2017 14:03:10 GMT
Server
sffe
Age
100693
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1789
X-XSS-Protection
1; mode=block
Expires
Tue, 04 Sep 2018 10:06:44 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-2/html/ Frame 1789 		0
0
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20170830/r20110914/activeview/ Frame 1789 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20170830/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
fa7c563c090cb2b4ca0a62324201a8fa40c5a74003214befa85bd185d71e553c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 04 Sep 2017 09:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
11189
x-xss-protection
1; mode=block
server
cafe
etag
16492023375579747110
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2017 09:55:05 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		83 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
48eb9f32adf8eea39deca5e2e5a7a67979eb4eb2d2a9e06908017a7c8bfdd76f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Tue, 05 Sep 2017 13:28:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
2184
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
1445085175973928292
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
31253
X-XSS-Protection
1; mode=block
Expires
Tue, 05 Sep 2017 14:28:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1789 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxC2V3FxRN3EouAcmKOU24CEInTHGMEn7o_FTvOjO1mLjctnIBDbA__IOPpB_vFIX4vl05gG3a3_g39BcUuWNLdnBaCowthr_L5zdOZoUiISKLwIC0_GZq1MrQ3Q6EYicXQWNJEzjl5ANFddKpGpIGS59cLH2f79XfWVt5VKsnwKtNtcRxCGsnEMLrm4bcpKBvFxSBfXnhIHWnCSBoopp5YqDZ2NQsRQ1g9_PQYPkDdpraGHG79nU7s4-HMomj&sig=Cg0ArKJSzBUyzpdrKHtjEAE&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: http://tinyurl.com/nospam.php?id=ycuqnug6
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Sep 2017 14:04:57 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
truncated
/ Frame 1789 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd77a6c49172c25a49c1386d95ff0fc9299b1c7c633852e8a65598128f95af90

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
tinyurl.com
e.deployads.com/e/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.214.67.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2017 14:04:57 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
2
Content-Type
text/plain;charset=UTF-8
activeview
pagead2.googlesyndication.com/ Frame 1789 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/activeview?avi=BndvUCa-uWZyoKoTcxgKyvaNYAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASEuRonQT7lWVml6rOB_pHK0P5Dg&id=osdim&ti=1&r=u&adk=2542020117&tt=3698&bs=1600,1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=8,436,98,1164&inapp=0&mcvt=1007&rs=3&ht=0&tfs=2692&tls=3699&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1600,1200&ss=1600,1200&pt=2&deb=1-1-1-5-38-6&tvt=3693&avms=geo&uc=41&tgt=IFRAME&cl=1&cec=6&clc=1&cac=0&cd=728x90
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2017 14:05:01 GMT
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Timing-Allow-Origin
*
Content-Length
42
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: http://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Server
52.214.67.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-67-47.eu-west-1.compute.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://tinyurl.com/nospam.php?id=ycuqnug6
Origin
http://tinyurl.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2017 14:05:01 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
2
Content-Type
text/plain;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
http://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Domain/Path Name / Value
.tinyurl.com/ Name: __cfduid
Value: d4df3d1870044dc72a7c3ffd3cdb2653c1504620295
.tinyurl.com/ Name: __utma
Value: 224967455.2000449249.1504620296.1504620296.1504620296.1
.tinyurl.com/ Name: __utmc
Value: 224967455
.tinyurl.com/ Name: tinyUUID
Value: 9aeaf0ccf35b000000000000
tinyurl.com/ Name: id
Value: ycuqnug6
tinyurl.com/ Name: d7s_spc
Value: 2
tinyurl.com/ Name: d7s_uid
Value: j77o2r5sxrj98e
.tinyurl.com/ Name: __utmb
Value: 224967455.1.10.1504620296
.tinyurl.com/ Name: __utmt
Value: 1
.tinyurl.com/ Name: __utmz
Value: 224967455.1504620296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tinyurl.com/ Name: __qca
Value: P0-2074956934-1504620296514
tinyurl.com/ Name: __rtgt_sid
Value: j77o2r5sxrj98e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.afy11.net
adserver.adtechus.com
ap.lijit.com
apex.go.sonobi.com
bidder.criteo.com
c.deployads.com
connect.facebook.net
e.deployads.com
edge.quantserve.com
ht.c1exchange.com
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.districtm.ca
rules.quantcount.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.go.sonobi.com
tags-cdn.deployads.com
tags.bluekai.com
tinyurl.com
tpc.googlesyndication.com
www.facebook.com
www.googletagservices.com
tpc.googlesyndication.com
152.163.66.131
169.55.70.227
178.250.0.74
178.250.0.93
185.33.223.218
2.21.246.19
216.58.206.2
2400:cb00:2048:1::6814:db2a
2400:cb00:2048:1::6814:ff3
2600:9000:201c:5200:6:44e3:f8c0:93a1
2a00:1450:4001:821::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.250.84.5
52.208.47.127
52.210.135.136
52.212.134.99
52.214.67.47
52.84.125.197
54.219.152.80
74.117.199.102
95.101.241.61
95.172.94.20
95.172.94.27
0356044214bfbedb4744e88e7b07a853ac4fa09bb7381832e48886d6d4b7096e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b62414609a0cdbcbdced121039e5f7fd10816e7feffd81e123952e9aafda336
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
193f6a233f91c4b129e90a04d6d005fd5885979960cd924df61d258ed7007fb5
1b65867a4610026ee1667231e7dc85e5adca4e4adcc5ec5ce40e8fdc84fae733
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2abe861caf51ab1391dbb25a2cc08c44009818a403a6ecbf47af715a1d85a247
41bb437e7111f7b20bd9d1b40b0109d384ecb5a70badccbd172c68ba3def7136
41c4161146ad2423c111322cd8e3a9517e3a3df87d5cab6f52e6c8bf789942a4
467e16e86d494d84a1ce37c7c9c1fd3aaec996ff631168b85360be07d2963424
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
48eb9f32adf8eea39deca5e2e5a7a67979eb4eb2d2a9e06908017a7c8bfdd76f
65b099dff538b929972f66dde6f6d107e65736bde8c807e133705b2866f9276c
6d8fbc7f6dc806a2e9c82eb2aaa996fcd4888a25dde01c8487c7a425c023bf9c
7c20d9fee0c16095277dfa27aaa7371d10c7ef6519524030eae87caa51f1225b
823a43f632a63b464b82e87e5fbcfe58cb00e64b5333bb2cf30aff0d307f722a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8b39ae89173a8baca538f477d91665a00d99b4ca60236c4c4ac10c1ceee52d3a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
96f7d9bfd7c761f515248f4edfb079184bb1a976b6d90a74344d0225357bb8ee
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7cc434e43ffd6b04914bd467f0f3b4695d1979f38cf7de3b685179e1d7349a5
a8b5998e874374de154ec6bc5c6bcda5047a2d6e7e96c3ff03bdf6a46e8ce4c9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b399e0631bb16bf6fb1f596c1c16158f3a31e43409d8d2d39fb8f1a8d981885f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cae125f5c297694c315f97f8de448c7f092be5ff520e8524ede3932592a0b91a
d43f1ca18e8eac662ad8335332ab58da22c316f3c587d358cf84c2a4dfd3ea24
db10e50b979ae9ef618e797f03e7c84b58be1c6226db102deefbef8adac1d267
dbbd6ab5e01c9b41ded2f56ba9a82537d4aaf54af50ce30b98a5b8feb0471804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11f9e7a7b43ec2de3ea9137553669010def8299f808b5e4348db56f6b050982
fa7c563c090cb2b4ca0a62324201a8fa40c5a74003214befa85bd185d71e553c
fd77a6c49172c25a49c1386d95ff0fc9299b1c7c633852e8a65598128f95af90