tinyurl.com Open in urlscan Pro
2606:4700:10::6814:8b41  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

• https://rtb.gumgum.com/getuid/szurmxm0?r=https%3A%2F%2Fc.deployads.com%2Fcs%2FGUMG%3Fb%3D HTTP 302
• https://c.deployads.com/cs/GUMG?b=e_856a6157-19ef-484a-9411-7bb09eafae42

Request Chain 15

• https://sync.1rx.io/usersync2/sortable HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5611811371 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5611811371 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/86e3bab1-f0cc-4a93-85df-4eb972d76889 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-29275a06-4f7f-4389-85d4-25f52515bddb-003?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2Fr1%3Fb%3DRX-29275a06-4f7f-4389-85d4-25f52515bddb-003 HTTP 302
• https://c.deployads.com/cs/r1?b=RX-29275a06-4f7f-4389-85d4-25f52515bddb-003

Request Chain 16

• https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=83bac941-8bd2-11eb-b796-1644f9a81506 HTTP 302
• https://c.deployads.com/cs/SPTX?uid=83bac912-8bd2-11eb-b796-1644f9a81506

Request Chain 17

• https://x.bidswitch.net/sync?ssp=sortable HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=sortable HTTP 302
• https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=sortable HTTP 302
• https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sortable HTTP 302
• https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=81689c59-3116-4e7d-ace6-7a89593594c4&ssp=sortable HTTP 302
• https://c.deployads.com/cs/bswt?b=5225d735-7893-4357-aca6-82aa7d850cd4&i=

Request Chain 18

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
• https://c.deployads.com/cs/TTD?b=9b5abaf6-07a3-4b78-a915-3ff5fb67bd17

Request Chain 93

• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209068981951&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209068981951&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&C=1 HTTP 302
• https://a.tribalfusion.com/i.match?p=b20&u=YFndqVvs0cAE3R.hJ7E8kgAA

Request Chain 94

• https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662209068981951 HTTP 302
• https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEFAhwTTCkazyVeI7p6bYKDI&google_cver=1&google_ula=2786954,0

Request Chain 95

• https://pixel.advertising.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true HTTP 302
• https://pixel.advertising.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true&apid=UP84af0e89-8bd2-11eb-b48a-02e98585498e HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true&apid=UP84af0e89-8bd2-11eb-b48a-02e98585498e&verify=true HTTP 302
• https://a.tribalfusion.com/i.match?p=b17&u=UP84af0e89-8bd2-11eb-b48a-02e98585498e

Request Chain 96

• https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662209068981951 HTTP 302
• https://a.tribalfusion.com/i.match?p=b23&u=164880803734000691126

Request Chain 97

• https://a.tribalfusion.com/i.match?p=b22&u=18072662209068981951&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209068981951

Request Chain 98

• https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=f745fdc2-65f8-4fdf-b646-21a575c64c55

Request Chain 99

• https://a.tribalfusion.com/i.match?p=b24&u=18072662209068981951&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209068981951

Request Chain 101

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662209068981951%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662209068981951%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662209068981951&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b11&u=FAC241E8-7BF3-4B04-8150-661B43E22A33

Request Chain 102

• https://a.tribalfusion.com/i.match?p=b10&u=18072662209068981951&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209068981951&expires=180

Request Chain 104

• https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662209068981951&redirectId=1001 HTTP 302
• https://a.tribalfusion.com/i.match?p=b21&u=f6aa0aff0b07150b6d6e073f89d4fe HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b21&u=f6aa0aff0b07150b6d6e073f89d4fe

Request Chain 105

• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209068981951&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209068981951&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=84d5d435-8bd2-11eb-b443-16ae82d33506 HTTP 302
• https://a.tribalfusion.com/i.match?p=b19&u=84d5d3fb-8bd2-11eb-b443-16ae82d33506 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b19&u=84d5d3fb-8bd2-11eb-b443-16ae82d33506

Request Chain 108

• https://tags.bluekai.com/site/4229?id=18072662209068981951&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
• https://a.tribalfusion.com/i.match?p=b3&u=OZBP%2Fy99999LpPkQ

Request Chain 119

• https://eb2.3lift.com/sync HTTP 302
• https://eb2.3lift.com/sync?&ld=1

Request Chain 120

• https://eb2.3lift.com/sync HTTP 302
• https://eb2.3lift.com/sync?&ld=1

Request Chain 123

• https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0 HTTP 302
• https://c.deployads.com/cs/QANT?gdpr=1&b=hHlj5dYtN72fK2Dliih7udd_ZrifLGHp03rUHWgO

Request Chain 124

• https://x.bidswitch.net/sync?ssp=sortable HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=sortable HTTP 302
• https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=sortable HTTP 302
• https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sortable HTTP 302
• https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1770b6de-f09d-4763-b4f4-9f35c105e55e&ssp=sortable HTTP 302
• https://c.deployads.com/cs/bswt?b=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&i=

Request Chain 125

• https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&google_hm=MzVmOWJiOWUtZjBjYi00NjRlLThkNWItMzMzOTJhNTZjM2Uy HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&google_hm=MzVmOWJiOWUtZjBjYi00NjRlLThkNWItMzMzOTJhNTZjM2Uy&google_tc= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDcaT0zXWei2LaY0MhQnrPU&google_cver=1&ssp=sonobi&bsw_param=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2

Request Chain 126

• https://sync.1rx.io/usersync2/sortable HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1165140911 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1165140911 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/0d1c209c-4d01-440c-b17a-6e8509859aed HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003

Request Chain 127

• https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758868824953862

Request Chain 128

• https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2773415267 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/b20d4a16-ff84-4d7b-8369-db4a6f020976 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003

Request Chain 129

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
• https://c.deployads.com/cs/TTD?b=b20d4a16-ff84-4d7b-8369-db4a6f020976

Request Chain 130

• https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4386059-ddaa-4400-a475-5212d2848cdc

Request Chain 131

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=td&nuid=b20d4a16-ff84-4d7b-8369-db4a6f020976&pubid=fb9580c293

Request Chain 132

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99 HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348%26partner_url%3Dhttps%253A%252F%252Fc.deployads.com%252Fcs%252Fcent%253Fb%253D8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://c.deployads.com/cs/cent?b=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&gdpr=0&gdpr_consent=

Request Chain 133

• https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
• https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 134

• https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
• https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 136

• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJum3ruuxC7ECQVx7lPCklI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 137

• https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D

Request Chain 139

• https://pr-bh.ybp.yahoo.com/sync/triplelift/2702532730809014136?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2662&xuid=y-DMimctVE2oRziKheOcZ46zewe98E9d5i98t6iYkm4Q--~A&dongle=0883

Request Chain 140

• https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
• https://eb2.3lift.com/xuid?mid=3335&xuid=2873145932841728330&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 141

• https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2702532730809014136 HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t

Request Chain 142

• https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 146

• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-3dXtSPJBnNYTh-QLsBpM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 147

• https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D

Request Chain 149

• https://pr-bh.ybp.yahoo.com/sync/triplelift/2702532730809014136?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZH0qlCVE2oQBFrVCaWWTsqhwsFOXu1Cel9ZRTmcHlQ--~A&dongle=0883

Request Chain 150

• https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
• https://eb2.3lift.com/xuid?mid=3335&xuid=8133114071297073437&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 151

• https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2702532730809014136 HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t

Request Chain 152

• https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request 5y7zhd2eWarm Show response tinyurl.com/	6 KB 3 KB	537ms 518ms	Document text/html	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash fa1954a23a171c1b3d19124c44c71154a01d03397a49fedcf995247498f8a44e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers :method GET :authority tinyurl.com :scheme https :path /5y7zhd2eWarm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:02 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=da55b956244181ae9f137d3ff45d0fe711616502182; expires=Thu, 22-Apr-21 12:23:02 GMT; path=/; domain=.tinyurl.com; HttpOnly; SameSite=Lax x-powered-by PHP/7.3.27 cache-control must-revalidate, no-cache, no-store, private strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC cf-request-id 0900a2e9f40000c2e005048000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0efee70c2e0-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	app.css tinyurl.com/css/legacy/	3 KB 1 KB	16ms 15ms	Stylesheet text/css	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/css/legacy/app.css Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d958b72f32da559921abf68e39e1c9428c5824978ff7c081b3953edb36775dc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tinyurl.com/5y7zhd2eWarm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:02 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 15 Mar 2021 12:51:36 GMT server cloudflare age 5736 etag W/"4144746857" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=14400 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6347a0f349b2c2e0-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2ec090000c2e01617a000000001
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.0/	94 KB 94 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 01:15:13 GMT x-content-type-options nosniff age 40069 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 96381 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Mar 2022 01:15:13 GMT
GET H2	200	tinyurl_logo.png tinyurl.com/siteresources/images/	20 KB 20 KB	23ms 22ms	Image image/png	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tinyurl.com/siteresources/images/tinyurl_logo.png Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fbd195fb6d9f8e94530a0d720b4a96dda93a7c870e77c62796651298ffd2f3c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tinyurl.com/5y7zhd2eWarm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:02 GMT vary Accept-Encoding cf-cache-status HIT age 4445 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20029 cf-request-id 0900a2ec1b0000c2e0030f2000000001 last-modified Mon, 15 Mar 2021 12:51:36 GMT server cloudflare etag "3790917092" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6347a0f359c8c2e0-FRA
GET H/1.1	200 OK	tinyurl.com.js Show response tags-cdn.deployads.com/a/	447 KB 141 KB	107ms 43ms	Script text/javascript	13.226.159.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags-cdn.deployads.com/a/tinyurl.com.js Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.159.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-24.dus51.r.cloudfront.net Software Jetty(9.4.22.v20191022) / Resource Hash 239ab01cec12cb5edf5d89e298fb19286cb5976f34b397dd7181770dd95619e2 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma public Date Tue, 23 Mar 2021 12:21:23 GMT Content-Encoding gzip Connection keep-alive Last-Modified Tue, 23 Mar 2021 12:21:23 UTC Server Jetty(9.4.22.v20191022) Age 100 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront) Cache-Control max-age=1800, public X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id lioDqM61oFfrqOpTZUpAH58ZYNk9tyVONECdbr2Lt-ZvsLK_RUvb9w== Expires Tue, 23 Mar 2021 12:51:23 UTC
GET H2	200	common.js Show response tinyurl.com/siteresources/js/	188 B 260 B	36ms 35ms	Script text/javascript	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/siteresources/js/common.js Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54f6b72272a78eb9a9e3eed800fbef12e6f6e8fcc03c85d9b6a514f76c9d6f43 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tinyurl.com/5y7zhd2eWarm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:02 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 15 Mar 2021 12:51:36 GMT server cloudflare age 5940 etag W/"727015232" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=14400 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6347a0f379dec2e0-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2ec2f0000c2e04831a000000001
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	91 KB 23 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23762 x-fb-rlafr 0 pragma public x-fb-debug GG3wRJp2I2X2YEm7RsusopA0TACXV3W8dVSZg7aVkV4eMi1xGBXtlOlFD9e7wVTJqPaqncD1Au7lUMoN9DVHoQ== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 23 Mar 2021 12:23:02 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	dc.js Show response stats.g.doubleclick.net/	45 KB 17 KB	14ms 14ms	Script text/javascript	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/dc.js Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 4630 date Tue, 23 Mar 2021 11:05:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17093 expires Tue, 23 Mar 2021 13:05:52 GMT
GET H2	200	common Show response tinyurl.com/dyn/	43 B 1023 B	518ms 517ms	XHR application/json	2606:4700:10::6814:8b41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tinyurl.com/dyn/common Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash 340ed74a140bf0c63db9fe62625c5cd6bf3e975267c76848cd79346a58f8b765 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://tinyurl.com/5y7zhd2eWarm X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.3.27 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-language en content-type application/json cache-control max-age=0, private strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6347a0f3ea20c2e0-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2ec700000c2e051b87000000001
GET H3-Q050	200	__utm.gif stats.g.doubleclick.net/r/	35 B 412 B	77ms 37ms	Image image/gif	2a00:1450:400c:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=267302147&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&utmhid=1894931764&utmr=-&utmp=%2F5y7zhd2eWarm&utmht=1616502183041&utmac=UA-6779119-1&utmcc=__utma%3D224967455.1452789392.1616502183.1616502183.1616502183.1%3B%2B__utmz%3D224967455.1616502183.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2122302644&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 23 Mar 2021 12:23:03 GMT content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	196261077476671 Show response connect.facebook.net/signals/config/	241 KB 70 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/196261077476671?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5302d748b6014de4cff07ebf208b4638db652cda207628bad455f2a4e1a03f43 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 70869 x-fb-rlafr 0 pragma public x-fb-debug EIczhDv0oqluqWUkem7sA2O9DyMdImcRe6c6oud6JUinq5KEN9pbP4i5nJPZglAykgAGnyqe0vqIrvrQjgtSSQ== x-fb-trip-id 917726464 x-frame-options DENY date Tue, 23 Mar 2021 12:23:03 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 258 B	7ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=196261077476671&ev=PageView&dl=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&rl=&if=false&ts=1616502183095&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616502183093.1126242512&it=1616502183055&coo=false&rqm=GET Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	57 KB 19 KB	59ms 58ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software sffe / Resource Hash 24facc13a1b4c6e77387b47f870338f47a660bccc24f138e86be67e9aedb044e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "820 / 726 of 1000 / last-modified: 1616497833" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19729 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	sync Show response c.deployads.com/	431 B 619 B	147ms 47ms	XHR application/json	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/sync?u=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&s=tinyurl.com&g=0&cc=0&cs=&client_build=20302 Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash b042778851c02904690bbcf232f0bc8381fd14ba83be1c5959b8138d55be09b2 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT server SortableCactus/1.0 content-type application/json access-control-allow-origin https://tinyurl.com cache-control no-cache access-control-allow-credentials true content-length 431
GET H3-Q050	200	pubads_impl_2021031601.js Show response securepubads.g.doubleclick.net/gpt/	285 KB 100 KB	61ms 60ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software sffe / Resource Hash eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Mar 2021 08:39:28 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102421 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	GUMG Show response c.deployads.com/cs/ Frame 5BD7 Redirect Chain https://rtb.gumgum.com/getuid/szurmxm0?r=https%3A%2F%2Fc.deployads.com%2Fcs%2FGUMG%3Fb%3D https://c.deployads.com/cs/GUMG?b=e_856a6157-19ef-484a-9411-7bb09eafae42	43 B 302 B	47ms 47ms	Document image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/cs/GUMG?b=e_856a6157-19ef-484a-9411-7bb09eafae42 Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers :method GET :authority c.deployads.com :scheme https :path /cs/GUMG?b=e_856a6157-19ef-484a-9411-7bb09eafae42 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer about:blank Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-type image/gif content-length 43 server SortableCactus/1.0 set-cookie d7s_dc=44GUMGde_856a6157-19ef-484a-9411-7bb09eafae425;Path=/;Expires=Wed, 23-Mar-2022 18:23:03 GMT;Max-Age=31557600;Secure;SameSite=None expires Thu, 01 Jan 1970 00:00:00 GMT cache-control no-cache pragma no-cache Redirect headers date Tue, 23 Mar 2021 12:23:03 GMT content-length 0 location https://c.deployads.com/cs/GUMG?b=e_856a6157-19ef-484a-9411-7bb09eafae42 server nginx p3p CP="This is not a P3P policy" set-cookie vst=e_856a6157-19ef-484a-9411-7bb09eafae42; Domain=.gumgum.com; Expires=Wed, 23-Mar-2022 12:23:03 GMT; Path=/; Secure; SameSite=None content-language en-US timing-allow-origin *
GET H2	200	r1 c.deployads.com/cs/ Redirect Chain https://sync.1rx.io/usersync2/sortable https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5611811371 https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5611811371 https://sync.1rx.io/usersync/tradedesk/86e3bab1-f0cc-4a93-85df-4eb972d76889 https://sync.targeting.unrulymedia.com/csync/RX-29275a06-4f7f-4389-85d4-25f52515bddb-003?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2Fr1%3Fb%3DRX-29275a06-4f7f-4389-85d4-25f52515bddb-003 https://c.deployads.com/cs/r1?b=RX-29275a06-4f7f-4389-85d4-25f52515bddb-003	43 B 398 B	47ms 46ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/r1?b=RX-29275a06-4f7f-4389-85d4-25f52515bddb-003 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:03 GMT Server Tengine ETag RX29275a064f7f438985d425f52515bddb003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://c.deployads.com/cs/r1?b=RX-29275a06-4f7f-4389-85d4-25f52515bddb-003 Connection keep-alive Content-Type text/html
GET H2	200	SPTX c.deployads.com/cs/ Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID https://sync.search.spotxchange.com/partner?adv_id=8810&redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FSPTX%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=83bac941-8bd2-11eb-b796-1644f9a81506 https://c.deployads.com/cs/SPTX?uid=83bac912-8bd2-11eb-b796-1644f9a81506	43 B 301 B	47ms 46ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/SPTX?uid=83bac912-8bd2-11eb-b796-1644f9a81506 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:03 GMT Server nginx Location https://c.deployads.com/cs/SPTX?uid=83bac912-8bd2-11eb-b796-1644f9a81506 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 126 Connection keep-alive Content-Length 0
GET H2	200	bswt c.deployads.com/cs/ Redirect Chain https://x.bidswitch.net/sync?ssp=sortable https://x.bidswitch.net/ul_cb/sync?ssp=sortable https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=sortable https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sortable https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=81689c59-3116-4e7d-ace6-7a89593594c4&ssp=sortable https://c.deployads.com/cs/bswt?b=5225d735-7893-4357-aca6-82aa7d850cd4&i=	43 B 363 B	48ms 48ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/bswt?b=5225d735-7893-4357-aca6-82aa7d850cd4&i= Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location //c.deployads.com/cs/bswt?b=5225d735-7893-4357-aca6-82aa7d850cd4&i= date Tue, 23 Mar 2021 12:23:03 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	TTD c.deployads.com/cs/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 https://c.deployads.com/cs/TTD?b=9b5abaf6-07a3-4b78-a915-3ff5fb67bd17	43 B 333 B	47ms 46ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/TTD?b=9b5abaf6-07a3-4b78-a915-3ff5fb67bd17 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://c.deployads.com/cs/TTD?b=9b5abaf6-07a3-4b78-a915-3ff5fb67bd17 cache-control private,no-cache, must-revalidate content-type text/html content-length 169
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 359 B	126ms 62ms	XHR application/json	184.30.21.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-21-51.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://tinyurl.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Tue, 23 Mar 2021 12:23:03 GMT
POST H2	200	auction Show response c.deployads.com/openrtb2/	414 B 735 B	169ms 168ms	XHR application/json	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/openrtb2/auction?src=prebid_prebid_4.23.0_custom&host=tinyurl.com Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash 63d4b9c7a5ffa0505b47f1d29a692fa94c9f891bf89bf65e5d721764d872312c Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT server SortableCactus/1.0 content-type application/json access-control-allow-origin https://tinyurl.com cache-control no-cache access-control-allow-credentials true content-length 414 expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 711 B	113ms 39ms	XHR application/json	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:03 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80 AN-X-Request-Uuid 2cf337f9-882c-4f66-8e0e-8070639bc5e3 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	v1 Show response dmx.districtm.io/b/	0 421 B	69ms 25ms	XHR text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Tue, 23 Mar 2021 12:23:03 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://tinyurl.com access-control-allow-credentials true cf-ray 6347a0f6dc16cc42-ZRH access-control-allow-headers Content-Type, Origin cf-request-id 0900a2ee480000cc425f072000000001
GET H/1.1	200 OK	trinity.json Show response apex.go.sonobi.com/	714 B 2 KB	222ms 96ms	XHR application/json	178.162.133.150 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22145427e53f8a94f%22%3A%226998b185322cd01e15a7%7C160x600%22%2C%2215e8f1cc281e379%22%3A%226998b185322cd01e15a7%7C728x90%22%2C%2216d6fbced45b732%22%3A%226998b185322cd01e15a7%7C300x250%22%7D&ref=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&s=a213335d-3930-495e-82f7-691788fe06c2&pv=3c4d58aa-dba4-4c68-94ac-9d9c2d572d62&vp=desktop&lib_name=prebid&lib_v=4.23.0_custom&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-apex.go.sonobi.com Software sonobi-go / Resource Hash a23bb229431b81b50674e2848570223a3d9ea0da863d9f1e20aeca84ce937150 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:03 GMT Content-Encoding gzip Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server apex-ams-1-6-128 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-cache, no-store, private Access-Control-Allow-Credentials true Tcn Choice Content-Type application/json Content-Length 431 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 352 B	150ms 51ms	XHR text/plain	52.209.12.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=4.23.0_custom&p=%5B%7B%22placement_id%22%3A%22kmlznv8q3xot41%22%2C%22callback_id%22%3A%221833c66ac5f1f3b%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222352983247081644305%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&bust=1616502183441&pr=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&scrd=1&dnt=false&description=TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.12.92 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-12-92.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://tinyurl.com pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 743 B	210ms 146ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72295140073&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash c2177f608f76ae84248a233a5d52110279bbd36c5956b34c27a072647f8e1e06 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Tue, 23 Mar 2021 12:23:03 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 743 B	274ms 211ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash 1e5751ea6d33eb4870e4eca251c51b503e51c562c8c730ae51db175bc1c0fdbd Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Tue, 23 Mar 2021 12:23:03 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 743 B	191ms 128ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969105017575db4f32e72422f001ee&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash c18e7509e99c8b50a54e8cef42cee4edbf8a9f11ad83453a22ecec6ca7e13a03 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Tue, 23 Mar 2021 12:23:03 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 506 B	107ms 47ms	XHR application/json	18.194.73.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=4.23.0_custom&referrer=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&tmax=2000 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.73.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-73-120.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT x-auction-status 12, 12 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" access-control-allow-origin https://tinyurl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type application/json; charset=utf-8 content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	40ms 39ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=497435252613182&vrg=2021031601&nw_id=1966186&nslots=3&eid=31060011%2C31060211%2C31060367%2C44739387&pub_url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&start_time=1616502183732&end_time=1616502183734&num_slots_filtered=0 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.ch/adsid/	107 B 165 B	15ms 14ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=tinyurl.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=tinyurl.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	15 KB 5 KB	142ms 141ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=497435252613182&correlator=1228461369963962&output=ldjh&impl=fifs&eid=31060011%2C31060211%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=1966186%2CPub_tinyurl.com_160x600_2%2CPub_tinyurl.com_728x90_2%2CPub_tinyurl.com_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%2C728x90%2C300x250&prev_scp=s%3D0%26v%3D1%26u%3D5q5%26sdbg%3D1%26st%3D3%2C8%7Cs%3D0%26v%3D1%2C4%26u%3D8ql%26sdbg%3D1%26st%3D3%2C8%7Cs%3D0%26v%3D1%2C4%26u%3D4wo%26sdbg%3D1%26st%3D3%2C8&cust_params=pt%3D5y7zhd2ewarm%26ab%3D27%26pm%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1616502183&dt=1616502183750&dlt=1616502182908&idt=445&frm=20&biw=1600&bih=1200&oid=3&adxs=3%2C170%2C1280&adys=357%2C123%2C243&adks=5841399%2C2646619246%2C1681971775&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x839%7C1430x96%7C325x639&msz=170x600%7C1430x90%7C300x250&ga_vid=1452789392.1616502183&ga_sid=1616502183&ga_hid=1894931764&ga_fc=true&fws=0%2C0%2C0&ohw=0%2C0%2C0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash 212ad377c4122f24006c6516865eb1d2a8aa927e158ed5a4475c3777fca22c9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5171 x-xss-protection 0 google-lineitem-id 4348201566,4348201566,4348201566 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138203891883,138203891592,138203891604 content-type text/plain; charset=UTF-8 access-control-allow-origin https://tinyurl.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html dc605fd361c2489dc997f282eb0670c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	48ms 15ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc605fd361c2489dc997f282eb0670c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	6ms 5ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 6 KB	18ms 18ms	XHR application/json	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b4cad9bce21c8f8b9a7286a0cb278e91e5b910b2ced4fd02f6fe95a6516ec80a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6553 x-xss-protection 0
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 2B67	0 0	60ms 59ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBY1h5pRSvIOB2DeRSRAvNvIU0JThWpQMXHXiKOdfJQs6Tcqgu4hreZoEAzWN4ZPfIBo92-iSV5OuTYo3pEzpGzl95uM3oR-ahhR-X7ggqaYjKUgfQRx7G29D8P_cvvm2-eNAOkOWz9eKjnlXMkJQv-5mS7IXjCe7D5PATQwvy0fZtMgpfiILHJRsG1UUmcLgSncFO4u4dJTt0ruZeuV7OCdAUPTYCvp4Y0zPNkXwR9zk58utpWVGI066Zczhv93zM_8EhcbLM-9MfYgzp-O2vnwZWED2DDICX-g7xDNBlF6BhkiZtLF7eHmU&sai=AMfl-YR2q9nT3rSh2E82pA1BhNDqFafjypmb7l-LpPSnlbaRDd0oDwxZJf8n4_VkiDXi1KiSNn-cexiPRnfOlyOcKbpT4ZMBoqaVxESsUrlRWNSkUIfcxYr3j_R2H2ZsqNw&sig=Cg0ArKJSzAtpqpHH2UoOEAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame 2B67	7 KB 2 KB	203ms 180ms	Script application/x-javascript	2606:4700::6812:417 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 0900a2f0070000bea6d6314000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 2 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 6347a0f9ab02bea6-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2B67	118 KB 36 KB	35ms 14ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616429061647350" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36559 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame D10B	0 0	60ms 59ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSHTk4KWkzAYw560WnSPr9GWiogqG7NOdJ8oAnXGwKK_O-02edtQZTSEE7iQvdEf4DiP49wG4F2b8IhOnKUvgf8QYl9WTqSAWwivgG7peV776QffwuAMI54uD4c_r0Fc4gptgL9Ib63dQdmNO_VnJwJVxtTFWl2pVTe4ts9-eBpcz8iu4na-bmdhfqiUKGdAkd4vDXApmXcBczNZk3zJtddL2kmZC1E6bAD1imRuwsSAXKfqywt6SDhn8SnaiFK7bGe5J3MCEh0BgHE8BjA80x7cE7nzLUcjztnY0vmh88Wnb57vZjLc7U2Q&sai=AMfl-YSKmSmbduaDvXi3jjLs_eingZaKRDEckgyVjQkBPJuYqY_W7A3_lvsHrmNtWKJJv0EMdGTEwDlUkw1TVOE2R2Y1jT0dNoXGW3X8uEbCx-HW8XAtUl7JGOxy2Us4WuQ&sig=Cg0ArKJSzHXm34U12EbrEAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame D10B	7 KB 2 KB	203ms 184ms	Script application/x-javascript	2606:4700::6812:417 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 0900a2f0070000bea6d8a69000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 3 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 6347a0f9ab03bea6-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D10B	118 KB 36 KB	45ms 29ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616429061647350" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36559 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 894B	0 0	59ms 59ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLzAvt_SLuQoywlV_SzsR2Nh-f_WIIikbwU4xRAn-fugybBdKLy0SwLbnBhZZMXcmoYhkjCWkGrU0p0s1vH-Y44jOxIoO5CnAFGDDHFc_NcZ7hvKJsBvn1MRPbpHGGdL8OVi-Pkx8F-6H0cLr4QKlX5vbqyix3Zx2L-dlMB7mWQXiDlYwS5C6elH6DEYChMLxIO1_Y1yQh7M4aT9ZUQLhKdVbuckQd5_in2O-tnXuUBjl987hmjbnwx1jQA0MQlPZorIpiio9ApUC8S3iE9VjOTapQjsswqr4JjEBy-tu9xqK5jF8b0RoC&sai=AMfl-YSB82LV89WzPYp_IbYyKy8gDUlEJD5GIvq7se2oUKBFQwhopBfakcgJYvGVZ0AYxpHaleKBi4VODuqQpVVKhpFd56wvrUKeHzwPsscIW0U5bsiZvauWYkPyDXS09Rk&sig=Cg0ArKJSzCykayb2RnrGEAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame 894B	7 KB 3 KB	194ms 178ms	Script application/x-javascript	2606:4700::6812:417 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 0900a2f0080000bea6de3b3000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 243 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 6347a0f9ab04bea6-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 894B	118 KB 36 KB	33ms 20ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616429061647350" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36559 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a49f3a596465ec35441ddef2884e107916aab09d37dedcd36d785a4e313c0043 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616429055681843" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28237 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:03 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 127 B	173ms 67ms	XHR text/plain	18.202.37.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.37.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-37-41.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Tue, 23 Mar 2021 12:23:04 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 245 B	63ms 63ms	XHR application/json	184.30.21.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-21-51.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://tinyurl.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Tue, 23 Mar 2021 12:23:03 GMT
POST H2	200	auction Show response c.deployads.com/openrtb2/	531 B 955 B	163ms 162ms	XHR application/json	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.deployads.com/openrtb2/auction?src=prebid_prebid_4.23.0_custom&host=tinyurl.com Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash c626b68cfa36f1dfdac6963e2b4eb0267ed0d7a7d8e15db4e5ef3fdda5cced52 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:04 GMT server SortableCactus/1.0 content-type application/json access-control-allow-origin https://tinyurl.com cache-control no-cache access-control-allow-credentials true content-length 531 expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 711 B	49ms 49ms	XHR application/json	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:03 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.179:80 AN-X-Request-Uuid 7d76ee34-bd5a-42b9-887f-47bed30f0557 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	v1 Show response dmx.districtm.io/b/	0 61 B	29ms 29ms	XHR text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Tue, 23 Mar 2021 12:23:03 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://tinyurl.com access-control-allow-credentials true cf-ray 6347a0f9ca21cc42-ZRH access-control-allow-headers Content-Type, Origin cf-request-id 0900a2f01f0000cc42ada92000000001
GET H/1.1	200 OK	trinity.json Show response apex.go.sonobi.com/	672 B 2 KB	64ms 63ms	XHR application/json	178.162.133.150 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22343897b11c67bb8%22%3A%22ad559ed82e9f14739f52%7C728x90%22%7D&ref=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&s=7afe80ad-9b8a-42ea-8c5a-7fcbab1b5825&pv=3c4d58aa-dba4-4c68-94ac-9d9c2d572d62&vp=desktop&lib_name=prebid&lib_v=4.23.0_custom&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-apex.go.sonobi.com Software sonobi-go / Resource Hash 9b4a6d5e41cba4f13ebd795bc9db3e484e22513b23658e8df7284f59086d3a17 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:03 GMT Content-Encoding gzip Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server apex-ams-1-6-128 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://tinyurl.com Cache-Control no-cache, no-store, private Access-Control-Allow-Credentials true Tcn Choice Content-Type application/json Content-Length 404 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 351 B	51ms 51ms	XHR text/plain	52.209.12.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=4.23.0_custom&p=%5B%7B%22placement_id%22%3A%22ad-kmlznvt7bdtlhs%22%2C%22callback_id%22%3A%223683439e4c6c51a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222352983247081644305%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&bust=1616502183950&pr=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&scrd=1&dnt=false&description=TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.12.92 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-12-92.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://tinyurl.com pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 743 B	150ms 150ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash e3164dfd62fc02fe48e719116bafba5851f1b069e56f61b66ff5f2f14f756daf Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Tue, 23 Mar 2021 12:23:04 GMT Server ATS/7.1.2.128 Age 1 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://tinyurl.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 489 B	29ms 29ms	XHR application/json	18.194.73.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=4.23.0_custom&referrer=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&tmax=2000 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.73.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-73-120.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:03 GMT x-auction-status 12 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" access-control-allow-origin https://tinyurl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type application/json; charset=utf-8 content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame BDE8	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Tue, 23 Mar 2021 09:56:46 GMT expires Wed, 23 Mar 2022 09:56:46 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 8777 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js Show response pagead2.googlesyndication.com/bg/ Frame BDE8	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 17:42:44 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 15 Mar 2021 13:45:00 GMT server sffe age 67220 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5657 x-xss-protection 0 expires Tue, 22 Mar 2022 17:42:44 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 46 B	39ms 39ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=497435252613182&vrg=2021031601&nw_id=1966186&nslots=4&eid=31060011%2C31060211%2C31060367%2C44739387&pub_url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&start_time=1616502184127&end_time=1616502184127&num_slots_filtered=0 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	integrator.js Show response adservice.google.ch/adsid/	107 B 777 B	45ms 31ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=tinyurl.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	integrator.js Show response adservice.google.com/adsid/	107 B 531 B	43ms 30ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=tinyurl.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 3 KB	107ms 107ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=497435252613182&correlator=1228461369963962&output=ldjh&impl=fifs&eid=31060011%2C31060211%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=1966186%2CPub_tinyurl.com_728x90_7&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=s%3D0%26v%3D3%26u%3Dkh%26sdbg%3D1%26st%3D8&cust_params=pt%3D5y7zhd2ewarm%26ab%3D27%26pm%3D1&cookie=ID%3D3d94df3e79c8f5f5-2203ba60ddba00b6%3AT%3D1616502183%3AS%3DALNI_Ma7ZxU-dEMslx-I5_MWZhtFKgSXQg&bc=31&abxe=1&lmt=1616502184&dt=1616502184131&dlt=1616502182908&idt=445&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1265&adks=103630569&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&psts=AGkb-H_tYBXjJnx_oerJxJTDoG_93kyTDADDAhyhXZdOPLbzjexuSiuMB81K0dQ4-FQZnrwQv7CoBx_DvmHD8YpBLzc%2CAGkb-H-bmr-Gi3_yyKP5FA23IU3lOUkf6nngqEEFajf_NqX2a2BVNT1QePPcVI7DVMUIW38CScgT64wm4htdbBSRL3c%2CAGkb-H82sxd4fq6BvdhJEI7wxp8Qwb3zxNtIJq1SsHzx4tCQlp8yLTjvyOM-esFmk67GC1gy4meePiaDaJTk-wJJJho&ga_vid=1452789392.1616502183&ga_sid=1616502183&ga_hid=1894931764&ga_fc=true&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash 901e3977f3ce7cdb1c0b2793041a62ae606d7b6c3f8a1eee89ab03b95bc59f6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2546 x-xss-protection 0 google-lineitem-id 4348201566 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138203891889 content-type text/plain; charset=UTF-8 access-control-allow-origin https://tinyurl.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame 894B	59 KB 14 KB	203ms 187ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4357b44d04d4d7885fad9fb73b1ef31abe582e52087637377b0a86aad3b29ed Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14004 cf-request-id 0900a2f0f200004e496db02000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 792 etag 12745472060267020797 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 6347a0fb18664e49-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame 2B67	59 KB 14 KB	207ms 191ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4357b44d04d4d7885fad9fb73b1ef31abe582e52087637377b0a86aad3b29ed Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14004 cf-request-id 0900a2f0f200004e49548d3000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 346 etag 12745472060267020797 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 6347a0fb18674e49-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame D10B	59 KB 14 KB	203ms 188ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4357b44d04d4d7885fad9fb73b1ef31abe582e52087637377b0a86aad3b29ed Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14004 cf-request-id 0900a2f0f200004e497305d000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 13 etag 12745472060267020797 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 6347a0fb18694e49-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 23 B	41ms 41ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=497435252613182&bg=!JSalJmLNAAbUo7L91KM7ACkAdvg8WkHcwhT84maYJOq_ympAs25EoeN11xNTBPSM5l6OY7deu-0JBQIAAAB5UgAAAA5oAQcKAXGHQqIahVzT30sNGLG86nZZMP7sK_uTUiSmHeDJNdP-m331OaNbPiADFvRPe1BZW_iwGxKESbMIWZHcK5so3MorJFFIPz7x8jUavHioPxNL5qcvlYJpCkI4QHwUT9E6BdBXF5CiknbS3_OpGKavVuS6tBcy3On9cs3Q5AOwuIRovk56ZIAxBJlIk_l9nItdHsX7MAzgytiV1ccVNjQ0wIwhCdDus0nku9O33-t7rXTj2ZM00Vw7uQY2PCsTGAdYDyhJ70pGbLF7Y5QdOu-iSAEOy_oodvfmbsdHVWYThlkkY0O8mTkNVfkEuG7NTEZ5cMhIKSlLBt8Ald0dzZGLYXTSs0YpGPo9avrqNfapKPMFFFBQuDcFSAdrlJXZATvmOBXs2C6OQYcxXFc6Pka_q9X1tUsi8YQF6KR6QIk98Z8mZkwSnBgbbWN_nYOEg0VgsQOW89IrXLIK_fhJebtjBVxs1iByMKlYqA-wvgNpg9tb_R2ZAdc-KpzApVYbXnbYAiUlVH1Y12gKL9xpalFYQg9ztsXS1NsIc-PELeXhDFBquTA3gbVLyuBQ7kmPthLB4e7currvydRmVzWPc1ZyJYOLugRFRyq6qit9J0Ey8FIMd_Ajwlyt6uuuXwcSicoBMo6tIzSCxV7IaByT8Kl1AykBXB_Wcn4dN60QLzzG3cuu4HSOiiU186IgWMJ7E3l1B3-qIOKALpwUsmyzPyqXggLw7bdRet3jCrFupwNpm8J3gdiDfQ9_EUczMWlX18gbNuY5bxsEb_I3oTnQV3e2JtXBJxCshQUNRIHLn3AL9FgGwvzPZ7iV3SRWl6LaOknq_6RbE_czlddgE2cspV2ynHGlq3wY7b5rDEhXFCEgVWa2QGeWZwl7upS58z0tIxYG8mvJdL2OHpWeOpkJJrABrGZiUvepoNi9-gqrLJIvUBBSLsBJNyBKcNHD9p-Aqf54pCeLS0fvRIZqEczXPRjEM4qke4C31XBAgnxULtQQlEqyHSC7rEgRkd_k05lK6_ODl2tEFeP4XmjFoBl-9oq-mLuWcTWMwTWe7eA8aZqlP3S3IzCg1xG2d7V85HWDyRDGuBnqnPN_a4bXaUa9cICaLAEe9ONN1ZvMaUI8Tbc Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 590F	0 0	60ms 59ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjBkvgUjIpu7U0gTbtHvsBNACO1b0ePoVxHb5xglNXZuam12JrRo7qtWAI3-0C-C18lRZWWnT3OWQ3_Oe6A_UC1bffWWdLg8Q8F7kIIWiq-3xIruC6VllqFDvjUs4JLEp43Pcorp6sLO39lU6PZg3mY9w-eMzCBu1WFa5oc69n_amP-vH47EglEqwO7ELn0Dw9X-eRAEx4Pkka37jW1kNmakMsfdhqrKAeuv86pNI8V9AdZVWtutcqKmLHXZWyVFqEEBgb7YLHgu_AtowEQbBvaX4E0Du_n4zuXVzyGX-l44sFAgrA8N8&sig=Cg0ArKJSzNPhvrprol3DEAE&urlfix=1&adurl= Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:04 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/ Frame 590F	7 KB 2 KB	762ms 761ms	Script application/x-javascript	2606:4700::6812:417 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 0900a2f13c0000bea6d8a6f000000001 x-function 151 last-modified Fri, 21 Jun 2013 00:18:47 GMT server cloudflare x-reuse-index 1 etag 5909443542969422214 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, public cf-ray 6347a0fb9b6cbea6-FRA expires Tue, 23 Mar 2021 13:23:04 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 590F	118 KB 36 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616429061647350" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36559 x-xss-protection 0 expires Tue, 23 Mar 2021 12:23:04 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 126 B	49ms 48ms	XHR text/plain	18.202.37.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.37.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-37-41.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Tue, 23 Mar 2021 12:23:04 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame D10B	678 B 734 B	165ms 165ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da037aca72e6a6a114a97ef9648125105ec409ed6fd303234f62ffb0de6c31d9 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 331 cf-request-id 0900a2f1a500004e49591aa000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 548 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 6347a0fc3a304e49-FRA expires Mon, 21 Jun 2021 12:23:04 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 894B	678 B 684 B	178ms 177ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58c59c1869262dffb369081b67d88da4fc547433dce368d1077345b0afc91443 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 330 cf-request-id 0900a2f1ab00004e49372de000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 415 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 6347a0fc4a434e49-FRA expires Mon, 21 Jun 2021 12:23:04 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 2B67	677 B 675 B	173ms 172ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cefbbc90a83678278c14be9379a00acf9e094cbc4809bb5a2fa5b3e4cd115228 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 330 cf-request-id 0900a2f1b000004e4927b13000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 660 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 6347a0fc4a544e49-FRA expires Mon, 21 Jun 2021 12:23:04 GMT
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame D10B	2 KB 1 KB	203ms 203ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=a4mneMmFQZcXsvT1VY1XsbuMdbbPRypCb&a=1&adContainerId=richmedia_2&rnd=2108481 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a18dddccffdf56cf3f1c73c808e838c6b0e01fd04386e7c4e64402db5cac32b9 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 801 cf-request-id 0900a2f25600004e4935804000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 237 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 6347a0fd5c704e49-FRA expires 0
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 894B	5 KB 3 KB	186ms 186ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1660c409ddc395afb3f507fa6abc2c08800763ff978ff96389bc84667d9db7c Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1879 cf-request-id 0900a2f25f00004e494dbe9000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 197 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 6347a0fd6c924e49-FRA expires 0
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 2B67	20 B 393 B	188ms 188ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aKmneMXqns5aFg2TM5oa7BUGJRPRyYAX&a=5&adContainerId=richmedia_6&rnd=2111872 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 217bab4b917050f880628e822c751053b9f0220011a1e2d2d36627daacb3da2b Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-encoding none cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20 cf-request-id 0900a2f26100004e49682d5000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 57 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 6347a0fd6c9b4e49-FRA expires 0
GET H2	200	/ www.facebook.com/tr/	44 B 257 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=196261077476671&ev=Microdata&dl=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&rl=&if=false&ts=1616502184604&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL%22%2C%22meta%3Adescription%22%3A%22TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.%22%2C%22meta%3Akeywords%22%3A%22tinyurl%20url%20save%20share%20shorten%20analyze%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616502184602.466234813&it=1616502183055&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:04 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 23 Mar 2021 12:23:04 GMT
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 3E09	242 B 293 B	166ms 164ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er75duM5AbGnUnIXsMP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSHBtYHjwVmUN4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTmu2d3ZaQsBZd4A3HmdXyVWQ65FrUvwFgbY&mediaDataID=4056396&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=a4mneMmFQZcXsvT1VY1XsbuMdbbPRypCb&a=1&adContainerId=richmedia_2&rnd=2108481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc16b4d5ff319a1daa69cfc660991663b2f0f29add8f02b02bd25b96312e62f6 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er75duM5AbGnUnIXsMP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSHBtYHjwVmUN4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTmu2d3ZaQsBZd4A3HmdXyVWQ65FrUvwFgbY&mediaDataID=4056396&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=a1nsmAMwTk56Xlypr9jEy04Ef8f9dF7NVWnsEv1srTuZdEh3vmP2KDMNeUZbVPPAUU2BnsMb4ZcCCbe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 1916 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f31e00004e494dbf4000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0fe9e714e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 8733	275 B 357 B	164ms 163ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aqmTR8PHvdUVMT2Uuomdas0q2N3dQFPGZbZa26BEodEyTtFdXUMa1Ufi1qAsRbYZbUrJQVdQ5orFvRFjqYEFs3aBc2TrPmEZbE1r3cWHBXn6QBnV7rotnA2qMk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp3Vv3XbFLUPim46ZbdQAbB2Wry0drDnWIo36BY3sj7SGUVy73Zbtc&mediaDataID=6530936&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=a4mneMmFQZcXsvT1VY1XsbuMdbbPRypCb&a=1&adContainerId=richmedia_2&rnd=2108481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e5fa9a3e14409b423fbc67e2b7f24e8591c1dc40ddec2a0dc935ef9f399656f Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aqmTR8PHvdUVMT2Uuomdas0q2N3dQFPGZbZa26BEodEyTtFdXUMa1Ufi1qAsRbYZbUrJQVdQ5orFvRFjqYEFs3aBc2TrPmEZbE1r3cWHBXn6QBnV7rotnA2qMk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp3Vv3XbFLUPim46ZbdQAbB2Wry0drDnWIo36BY3sj7SGUVy73Zbtc&mediaDataID=6530936&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 367 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f31f00004e4946b52000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0fe9e724e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 2E1C	213 B 285 B	190ms 189ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=armTR84sY40UUIUPan4PY7R6JF4Hrt1dvAptTn563Y5VvcTV3dUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQcFARFixRWQlUVjP2F2xnHZaOXaex4tUGPV7D2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXUFcTHbPn6fLns7rpdnC3Er83HEM5mjGprbE0GfQ4GYjxdZb22e&mediaDataID=6347136&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=a4mneMmFQZcXsvT1VY1XsbuMdbbPRypCb&a=1&adContainerId=richmedia_2&rnd=2108481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50387de76b4fb047737bee49438eb5141f23910b690b354ac9b88ff3725ee108 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=armTR84sY40UUIUPan4PY7R6JF4Hrt1dvAptTn563Y5VvcTV3dUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQcFARFixRWQlUVjP2F2xnHZaOXaex4tUGPV7D2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXUFcTHbPn6fLns7rpdnC3Er83HEM5mjGprbE0GfQ4GYjxdZb22e&mediaDataID=6347136&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 63 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f31f00004e49172a5000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0fe9e744e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated / Frame D10B	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f43ae20b2f836e2744c0dbea1bcea29a81f6f38169e0ab0ae57fa4e2fb45ac85 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	p.media Show response s.tribalfusion.com/ Frame BA8A	201 B 278 B	167ms 167ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aRmTR8mHnC5EUe5d6p3PrZdprUI0V3TYsMVXVnonTb43rQPVrbEUAQ1QTQ0QcYMQW3t1d7mT6nn4cY5XUZbJVAuu26YgPmFC4WFmXWMAmHao5mBV5VMfUcv8Uc78R6FuUHJWWrbS5rZapUqnvWEYbQEMZcQVFZcRbipRHncVVbU2Fuxmtqq0q2p3dQCPVJZc5PJZboWXpUtJ6XbQjYbj60T6MPbJZbWUBXQWUiyUpONQ&mediaDataID=7665496&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c42495f2dbf1009d4a5e4214c3af588d5f692ecb3c13dfcd84021712937b89c1 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aRmTR8mHnC5EUe5d6p3PrZdprUI0V3TYsMVXVnonTb43rQPVrbEUAQ1QTQ0QcYMQW3t1d7mT6nn4cY5XUZbJVAuu26YgPmFC4WFmXWMAmHao5mBV5VMfUcv8Uc78R6FuUHJWWrbS5rZapUqnvWEYbQEMZcQVFZcRbipRHncVVbU2Fuxmtqq0q2p3dQCPVJZc5PJZboWXpUtJ6XbQjYbj60T6MPbJZbWUBXQWUiyUpONQ&mediaDataID=7665496&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 640 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f34c00004e4948a2d000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeee24e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 6BA9	373 B 392 B	175ms 175ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aSmTR84dMESGjH263LmtTrVWbc0rn9XU79XqyNRbUZbUrU5VH33or7qQFBrYEUy5q3c4qv0oTfK1bZb9UHMRomMDpsruoWQG5EFk5tZaN46BGnbbLXsnTXGZbYXGbnnavT3rJVTFfZbUPn5REvQPs3tQdfNYtjqTmnv2sQ5YUZbJVmqw4AZb9R6JK3trm1tvCmH2u5PBV4Vr7TcnkWVJ7R6QoWdF3WrM10FADMRTZblA&mediaDataID=6546596&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a71e9cfce8ace473b360e556fcdeeb9417d9bf45fd3a12f9dfb2f9c59118f32 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aSmTR84dMESGjH263LmtTrVWbc0rn9XU79XqyNRbUZbUrU5VH33or7qQFBrYEUy5q3c4qv0oTfK1bZb9UHMRomMDpsruoWQG5EFk5tZaN46BGnbbLXsnTXGZbYXGbnnavT3rJVTFfZbUPn5REvQPs3tQdfNYtjqTmnv2sQ5YUZbJVmqw4AZb9R6JK3trm1tvCmH2u5PBV4Vr7TcnkWVJ7R6QoWdF3WrM10FADMRTZblA&mediaDataID=6546596&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 433 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f34d00004e49803fc000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeee34e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame EE53	324 B 397 B	471ms 471ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aTmTR84WUqXWYIndaO4mZbP3sUdTsYaVsF8PAZbnUdY3UUf23UIoUq3sWEMaQTUFSsYAPb6nPHrkUGMU4F6noW6M0Eyn2t3CSGMD2mrHpH6yTHQ9YbM9YFBiXaeMRUJHUrZbYTtQTobBmRUfNXTUs5Efl2ar4oEfCYrF9THMRoAnBnV7nmH3J2Tnf2WZat46vZanFbLYcnQYcMU0sZbonaj45UF2TFnFP6MluDre6b&mediaDataID=5436426&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7a9c4a2c8faf781cc3bdb4ffa01b83d61d6b9a3276fc2573f49327ce55b821c Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aTmTR84WUqXWYIndaO4mZbP3sUdTsYaVsF8PAZbnUdY3UUf23UIoUq3sWEMaQTUFSsYAPb6nPHrkUGMU4F6noW6M0Eyn2t3CSGMD2mrHpH6yTHQ9YbM9YFBiXaeMRUJHUrZbYTtQTobBmRUfNXTUs5Efl2ar4oEfCYrF9THMRoAnBnV7nmH3J2Tnf2WZat46vZanFbLYcnQYcMU0sZbonaj45UF2TFnFP6MluDre6b&mediaDataID=5436426&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 148 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f34e00004e493f08a000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeee74e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame E6A1	302 B 354 B	169ms 168ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aUmTR85EUg5teq56ZbZbmr3Zb0G3XXVZb30VBnpEn33UY2VbbCWmr4REU4PsvsQtBr1WnwVmMx4sUW0FUJTmim26YgRPfI2HrpXWJZdpd6o4AvY5cjbTVvbVGBjPPYoUWFWUUn05bExUaMoTTUlPEQZdSGjJRrirPWrcWVrU5F6nodiOXaeu4dQZdPcvH5mrKpHXsTdQaYFnbYU760TANRU3ZbWUBSTtJ2tUZbAOkoZaZdt&mediaDataID=6807466&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2921c34b6f09023e9a3f1306142ffaf540b3a6067eac37678eb92fe6dfbefaac Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aUmTR85EUg5teq56ZbZbmr3Zb0G3XXVZb30VBnpEn33UY2VbbCWmr4REU4PsvsQtBr1WnwVmMx4sUW0FUJTmim26YgRPfI2HrpXWJZdpd6o4AvY5cjbTVvbVGBjPPYoUWFWUUn05bExUaMoTTUlPEQZdSGjJRrirPWrcWVrU5F6nodiOXaeu4dQZdPcvH5mrKpHXsTdQaYFnbYU760TANRU3ZbWUBSTtJ2tUZbAOkoZaZdt&mediaDataID=6807466&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 511 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f35000004e4942bfe000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeeeb4e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame C71B	259 B 535 B	759ms 759ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aVmTR8SGjH2mQZboHiNUtY80bvbXbjlXTZaMPrBZcUU3SVW31mFFnRUFnXTnt5TBa4EfPmEbA1rBhWWbRmAfLpsrumtML3Tr95tun3AFGmU3EXVfSYcQ50VjNpTb43bFVVbMEUAvWRTr0ScQMPdFO1dFpT6nO4cU5XU3JUmim2PUePmMB4WvO0tnKndiw4ABS5GjbUGQcWcF7R6nnUWQ3WrMP5b2pPTnCNsDZcSg&mediaDataID=2713736&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 555d858d9c8a79c86168807115ff7a6971fd0ddbb11d89705ee93175af4403e5 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aVmTR8SGjH2mQZboHiNUtY80bvbXbjlXTZaMPrBZcUU3SVW31mFFnRUFnXTnt5TBa4EfPmEbA1rBhWWbRmAfLpsrumtML3Tr95tun3AFGmU3EXVfSYcQ50VjNpTb43bFVVbMEUAvWRTr0ScQMPdFO1dFpT6nO4cU5XU3JUmim2PUePmMB4WvO0tnKndiw4ABS5GjbUGQcWcF7R6nnUWQ3WrMP5b2pPTnCNsDZcSg&mediaDataID=2713736&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 1 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f35100004e495e1fc000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeeec4e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame EAF3	309 B 408 B	172ms 172ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aWmTR8XWYLpdEx3mQU5cY9VcFdVGBeS6MoWtZb4Ur7P3FIqWEvpTTv6PErZcSVBCPUmxRWvaUVn32Uunmdqr0Eyn4WnZbQVBH2mBImdayUtfhXrf7YUFi1T6oPbUZbUbBYVWF3orJuRFbr1EYy4EFk4q3YoTfE1bB9UHjRnAfLpGvwoWfC5Ev75His3PBLmUbZcXsfUXG330GBonaZb33bQ2TFnZcUA75WavgoAGFCi&mediaDataID=8039566&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d8a329b0c300bbc8f2a6b617bf152df03137abdff07640a40e1dbee734566e7 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aWmTR8XWYLpdEx3mQU5cY9VcFdVGBeS6MoWtZb4Ur7P3FIqWEvpTTv6PErZcSVBCPUmxRWvaUVn32Uunmdqr0Eyn4WnZbQVBH2mBImdayUtfhXrf7YUFi1T6oPbUZbUbBYVWF3orJuRFbr1EYy4EFk4q3YoTfE1bB9UHjRnAfLpGvwoWfC5Ev75His3PBLmUbZcXsfUXG330GBonaZb33bQ2TFnZcUA75WavgoAGFCi&mediaDataID=8039566&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:04 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 1586 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f35200004e490fbb1000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeeee4e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame E58D	387 B 423 B	468ms 468ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aXmTR85ter3A7ZanbvHYsMS1cnU0cfNnaB45FZb5VFjZcW6rXPqn1ScMoPd7N1tfuVAjn2cY30UYBV6qm4PZb8RPfI4dYM0HrKpdTM36MY4VUgTsJ8WVB7S6QMWdY3UFM03FPoUqrwTEYaST3FRGBIPbEoPHr6UGnU4Fmnndqr0qmp2tbESGBZa5PMEoWAmUtQ7XUf7XrBe0aZaNRUMZcUbUSTtJWorQmWrfFMeyvoU&mediaDataID=6680176&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19b5ac34fa2bc414a0ea50480e17da716647f8c010417fc714bf79abb6c8cad5 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aXmTR85ter3A7ZanbvHYsMS1cnU0cfNnaB45FZb5VFjZcW6rXPqn1ScMoPd7N1tfuVAjn2cY30UYBV6qm4PZb8RPfI4dYM0HrKpdTM36MY4VUgTsJ8WVB7S6QMWdY3UFM03FPoUqrwTEYaST3FRGBIPbEoPHr6UGnU4Fmnndqr0qmp2tbESGBZa5PMEoWAmUtQ7XUf7XrBe0aZaNRUMZcUbUSTtJWorQmWrfFMeyvoU&mediaDataID=6680176&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 447 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f35300004e494dbf6000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeef24e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame DFC4	447 B 606 B	464ms 464ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aYmTR82mQZamdAsTHb8YFUd1Uj61E6oSUnZbWFJPVtUWmUFtPb7q1Erp4E7l4anRmqrKYbZb7WHf0oPnLnG7mmtML5qY93dEn3AnJprYEYcQ0YsFY0sBOmEjQ5UY2VrnEW6j4REMRSs3sStJr0dfoVmYu4sUY0FYJTmym5PZb8R6bK2HZbqXWrAmHiu3mnV4Vj6TVJ8VGbfRPMnUWn4UFfP5b2uUqjoQqUTyZcXZaCA&mediaDataID=6719746&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b223ac5897411aaaab130d03a29d289c3ad92f55294db6472d1f3da5912d7490 Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=aYmTR82mQZamdAsTHb8YFUd1Uj61E6oSUnZbWFJPVtUWmUFtPb7q1Erp4E7l4anRmqrKYbZb7WHf0oPnLnG7mmtML5qY93dEn3AnJprYEYcQ0YsFY0sBOmEjQ5UY2VrnEW6j4REMRSs3sStJr0dfoVmYu4sUY0FYJTmym5PZb8R6bK2HZbqXWrAmHiu3mnV4Vj6TVJ8VGbfRPMnUWn4UFfP5b2uUqjoQqUTyZcXZaCA&mediaDataID=6719746&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 363 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f35400004e49172a9000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeef74e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	p.media Show response s.tribalfusion.com/ Frame 6A35	279 B 341 B	473ms 472ms	Document text/html	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a0mTR8pdEv36YQ4VrbVs3aUcrhS6rwTdM3WbrS3bAuWTvrVa3bSTnKRGbJPrivRdfkWGMW2FqvotirXqev4WnZbSs7Zc46MKmdPpVWjhYFQkYFYi1TuqRFFCWU3SVHJ3mU3nRUjM1TUt3TJa5qnXmEBD1rBbWWfRmAvLmG7mmHnJ3TZbg5tEN3P7JpFfZbYcfPYVFY1c7wnTB33bn5VrbZcUA7TREb0VGQGpEJEZbW&mediaDataID=9148826&mediaName=frame.html Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aamneMXVn20sfOpabS5bYU0sjrPRyxZai&a=3&adContainerId=richmedia_4&rnd=2107326 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3affab0b31596fde5527068beb56d7d4c9faf76253ba5a6b9cde3827c4e4216a Request headers :method GET :authority s.tribalfusion.com :scheme https :path /p.media?clickID=a0mTR8pdEv36YQ4VrbVs3aUcrhS6rwTdM3WbrS3bAuWTvrVa3bSTnKRGbJPrivRdfkWGMW2FqvotirXqev4WnZbSs7Zc46MKmdPpVWjhYFQkYFYi1TuqRFFCWU3SVHJ3mU3nRUjM1TUt3TJa5qnXmEBD1rBbWWfRmAvLmG7mmHnJ3TZbg5tEN3P7JpFfZbYcfPYVFY1c7wnTB33bn5VrbZcUA7TREb0VGQGpEJEZbW&mediaDataID=9148826&mediaName=frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie ANON_ID=alnsmAtZdPupm7SpBnA8sm9UVQVL7ZdYi4horqT116n5sZcBByuJRUJNxvuJwQsAOWSTS1Ee04ZcCZbae Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=de02d9af09361a30fbd91e3872cb519461616502184; expires=Thu, 22-Apr-21 12:23:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax p3p CP="NOI DEVo TAIa OUR BUS" x-function 102 x-reuse-index 1615 pragma no-cache cache-control private, no-cache, no-store, proxy-revalidate vary Accept-Encoding expires 0 cf-cache-status DYNAMIC cf-request-id 0900a2f35500004e4973085000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6347a0feeef94e49-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 894B	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 559ad55e29c50a9e8ed30657d8f92a445be18b84b15f51f5c34e856ad9cedeae Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 2B67	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3593e7645d8828b2f788b9caad401932fce9b888f70b1127409bbf3fce8d0f8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 2B67	0 0	99ms 67ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9KxydNN8_9J7KBpLfrKFVCmioq5P2htknEePfutfDR7CzKVPGVWdpMd2EJuqNvjjHc4j-60Y1lS2EEJAkvRVWvwFOkFdS8n6e5AfQQWviqpJU4CHQvNtJhIroL1yr_TjvRHLjQlbNnQ9DAdJsLfbije06DPUUu5QxB_oEcDU-_AIG2VW7gA50vtMtlE4EDyvtK1ZFDwPdD-PZpIcvDjhL457Wlg_MrqffDU37N6RBovKRZYqxIRcrHt88tC7rGZFAx8B2aR2Co54nd3CVIGd8QzkuUrzv0-RgWy3iGwzR6J29dqGMgU9l9BcnQA&sai=AMfl-YQLx_tdf5kfuGWfwSk6q0HsJdK2vJ7k70EV3DYNItRfCb7nD4GhZv9QpHXAMKn11aGp_muNh6cJkqPy1iFyNjPG5sAP58zQSbO8oxpUQ9HExNOMh5ST802DIDk31Zo&sig=Cg0ArKJSzHBL3kuf7v0sEAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:04 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 8733 Redirect Chain https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209068981951&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209068981951&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&C=1 https://a.tribalfusion.com/i.match?p=b20&u=YFndqVvs0cAE3R.hJ7E8kgAA	43 B 474 B	165ms 165ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b20&u=YFndqVvs0cAE3R.hJ7E8kgAA Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aqmTR8PHvdUVMT2Uuomdas0q2N3dQFPGZbZa26BEodEyTtFdXUMa1Ufi1qAsRbYZbUrJQVdQ5orFvRFjqYEFs3aBc2TrPmEZbE1r3cWHBXn6QBnV7rotnA2qMk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp3Vv3XbFLUPim46ZbdQAbB2Wry0drDnWIo36BY3sj7SGUVy73Zbtc&mediaDataID=6530936&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a100b9e54e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f47800004e4961a26000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://a.tribalfusion.com/i.match?p=b20&u=YFndqVvs0cAE3R.hJ7E8kgAA Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 255 Expires Tue, 23 Mar 2021 12:23:05 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 3E09 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662209068981951 https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEFAhwTTCkazyVeI7p6bYKDI&google_cver=1&google_ula=2786954,0	43 B 576 B	180ms 180ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEFAhwTTCkazyVeI7p6bYKDI&google_cver=1&google_ula=2786954,0 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er75duM5AbGnUnIXsMP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSHBtYHjwVmUN4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTmu2d3ZaQsBZd4A3HmdXyVWQ65FrUvwFgbY&mediaDataID=4056396&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a10069454e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f44100004e491e3fa000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEFAhwTTCkazyVeI7p6bYKDI&google_cver=1&google_ula=2786954,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 2E1C Redirect Chain https://pixel.advertising.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true https://pixel.advertising.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true&verify=true https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true&apid=UP84af0e89-8bd2-11eb-b48a-02e98585498e https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209068981951&_origin=1&redir=true&apid=UP84af0e89-8bd2-11eb-b48a-02e98585498e&verify=true https://a.tribalfusion.com/i.match?p=b17&u=UP84af0e89-8bd2-11eb-b48a-02e98585498e	43 B 658 B	162ms 162ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b17&u=UP84af0e89-8bd2-11eb-b48a-02e98585498e Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=armTR84sY40UUIUPan4PY7R6JF4Hrt1dvAptTn563Y5VvcTV3dUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQcFARFixRWQlUVjP2F2xnHZaOXaex4tUGPV7D2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXUFcTHbPn6fLns7rpdnC3Er83HEM5mjGprbE0GfQ4GYjxdZb22e&mediaDataID=6347136&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a101cbd74e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f52100004e490ca89000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:05 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://a.tribalfusion.com/i.match?p=b17&u=UP84af0e89-8bd2-11eb-b48a-02e98585498e Connection keep-alive Content-Length 0
GET H2	200	i.match a.tribalfusion.com/ Frame BA8A Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662209068981951 https://a.tribalfusion.com/i.match?p=b23&u=164880803734000691126	43 B 442 B	164ms 164ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b23&u=164880803734000691126 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aRmTR8mHnC5EUe5d6p3PrZdprUI0V3TYsMVXVnonTb43rQPVrbEUAQ1QTQ0QcYMQW3t1d7mT6nn4cY5XUZbJVAuu26YgPmFC4WFmXWMAmHao5mBV5VMfUcv8Uc78R6FuUHJWWrbS5rZapUqnvWEYbQEMZcQVFZcRbipRHncVVbU2Fuxmtqq0q2p3dQCPVJZc5PJZboWXpUtJ6XbQjYbj60T6MPbJZbWUBXQWUiyUpONQ&mediaDataID=7665496&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a100a9c54e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f46b00004e4973099000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://a.tribalfusion.com/i.match?p=b23&u=164880803734000691126 cache-control no-cache, no-store, must-revalidate content-length 0 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame E6A1 Redirect Chain https://a.tribalfusion.com/i.match?p=b22&u=18072662209068981951&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209068981951	0 337 B	140ms 46ms	Image text/plain	52.48.18.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209068981951 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aUmTR85EUg5teq56ZbZbmr3Zb0G3XXVZb30VBnpEn33UY2VbbCWmr4REU4PsvsQtBr1WnwVmMx4sUW0FUJTmim26YgRPfI2HrpXWJZdpd6o4AvY5cjbTVvbVGBjPPYoUWFWUUn05bExUaMoTTUlPEQZdSGjJRrirPWrcWVrU5F6nodiOXaeu4dQZdPcvH5mrKpHXsTdQaYFnbYU760TANRU3ZbWUBSTtJ2tUZbAOkoZaZdt&mediaDataID=6807466&mediaName=frame.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-48-18-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:05 GMT cache-control private, no-cache, no-store x-request-time D=30 t=1616502185 x-served-by beacon-n001-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 873 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a10008bc4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209068981951 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2f40500004e494280b000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 6BA9 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D... https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid... https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=f745fdc2-65f8-4fdf-b646-21a575c64c55	43 B 457 B	763ms 762ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=f745fdc2-65f8-4fdf-b646-21a575c64c55 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aSmTR84dMESGjH263LmtTrVWbc0rn9XU79XqyNRbUZbUrU5VH33or7qQFBrYEUy5q3c4qv0oTfK1bZb9UHMRomMDpsruoWQG5EFk5tZaN46BGnbbLXsnTXGZbYXGbnnavT3rJVTFfZbUPn5REvQPs3tQdfNYtjqTmnv2sQ5YUZbJVmqw4AZb9R6JK3trm1tvCmH2u5PBV4Vr7TcnkWVJ7R6QoWdF3WrM10FADMRTZblA&mediaDataID=6546596&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a100b9d34e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f47300004e4925290000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Tue, 23 Mar 2021 12:23:05 GMT content-encoding gzip server OXGW/16.203.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=f745fdc2-65f8-4fdf-b646-21a575c64c55 content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H2	200	dspreply public-prod-dspcookiematching.dmxleo.com/ Frame EAF3 Redirect Chain https://a.tribalfusion.com/i.match?p=b24&u=18072662209068981951&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209068981951	0 176 B	72ms 33ms	Image text/plain	34.120.25.144 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209068981951 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aWmTR8XWYLpdEx3mQU5cY9VcFdVGBeS6MoWtZb4Ur7P3FIqWEvpTTv6PErZcSVBCPUmxRWvaUVn32Uunmdqr0Eyn4WnZbQVBH2mBImdayUtfhXrf7YUFi1T6oPbUZbUbBYVWF3orJuRFbr1EYy4EFk4q3YoTfE1bB9UHjRnAfLpGvwoWfC5Ev75His3PBLmUbZcXsfUXG330GBonaZb33bQ2TFnZcUA75WavgoAGFCi&mediaDataID=8039566&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 144.25.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:05 GMT via 1.1 google alt-svc clear content-length 0 Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 1924 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a10018cb4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209068981951 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2f40c00004e491e3f7000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	tags.js Show response s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/ Frame 590F	59 KB 14 KB	824ms 824ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4357b44d04d4d7885fad9fb73b1ef31abe582e52087637377b0a86aad3b29ed Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14004 cf-request-id 0900a2f43600004e4961033000000001 x-function 151 last-modified Wed, 29 Jul 2020 11:50:12 GMT server cloudflare x-reuse-index 1 etag 12745472060267020797 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 6347a100592c4e49-FRA expires Tue, 23 Mar 2021 13:23:05 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame DFC4 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622090... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622090... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662209068981951&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U... https://a.tribalfusion.com/i.match?p=b11&u=FAC241E8-7BF3-4B04-8150-661B43E22A33	43 B 454 B	164ms 164ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b11&u=FAC241E8-7BF3-4B04-8150-661B43E22A33 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aYmTR82mQZamdAsTHb8YFUd1Uj61E6oSUnZbWFJPVtUWmUFtPb7q1Erp4E7l4anRmqrKYbZb7WHf0oPnLnG7mmtML5qY93dEn3AnJprYEYcQ0YsFY0sBOmEjQ5UY2VrnEW6j4REMRSs3sStJr0dfoVmYu4sUY0FYJTmym5PZb8R6bK2HZbqXWrAmHiu3mnV4Vj6TVJ8VGbfRPMnUWn4UFfP5b2uUqjoQqUTyZcXZaCA&mediaDataID=6719746&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a10569c84e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f76500004e4927b72000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:05 GMT X-lat lhrpug012:0:585 Server nginx Transfer-Encoding chunked P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Location https://a.tribalfusion.com/i.match?p=b11&u=FAC241E8-7BF3-4B04-8150-661B43E22A33 Cache-Control no-store, no-cache, private Connection keep-alive
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame EE53 Redirect Chain https://a.tribalfusion.com/i.match?p=b10&u=18072662209068981951&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209068981951&expires=180	42 B 767 B	375ms 35ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209068981951&expires=180 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aTmTR84WUqXWYIndaO4mZbP3sUdTsYaVsF8PAZbnUdY3UUf23UIoUq3sWEMaQTUFSsYAPb6nPHrkUGMU4F6noW6M0Eyn2t3CSGMD2mrHpH6yTHQ9YbM9YFBiXaeMRUJHUrZbYTtQTobBmRUfNXTUs5Efl2ar4oEfCYrF9THMRoAnBnV7nmH3J2Tnf2WZat46vZanFbLYcnQYcMU0sZbonaj45UF2TFnFP6MluDre6b&mediaDataID=5436426&mediaName=frame.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 4b510f0cc5fcbc9800016ef543086418 Content-Type image/gif Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 1533 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a101ec0e4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209068981951&expires=180 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2f53500004e497011e000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame E58D	13 KB 5 KB	32ms 17ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aXmTR85ter3A7ZanbvHYsMS1cnU0cfNnaB45FZb5VFjZcW6rXPqn1ScMoPd7N1tfuVAjn2cY30UYBV6qm4PZb8RPfI4dYM0HrKpdTM36MY4VUgTsJ8WVB7S6QMWdY3UFM03FPoUqrwTEYaST3FRGBIPbEoPHr6UGnU4Fmnndqr0qmp2tbESGBZa5PMEoWAmUtQ7XUf7XrBe0aZaNRUMZcUbUSTtJWorQmWrfFMeyvoU&mediaDataID=6680176&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8 Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:05 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin cf-ray 6347a1020dc94db2-FRA cf-request-id 0900a2f54500004db2d6152000000001
GET H2	200	i.match s.tribalfusion.com/z/ Frame E58D Redirect Chain https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662209068981951&redirectId=1001 https://a.tribalfusion.com/i.match?p=b21&u=f6aa0aff0b07150b6d6e073f89d4fe https://s.tribalfusion.com/z/i.match?p=b21&u=f6aa0aff0b07150b6d6e073f89d4fe	43 B 508 B	161ms 161ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b21&u=f6aa0aff0b07150b6d6e073f89d4fe Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aXmTR85ter3A7ZanbvHYsMS1cnU0cfNnaB45FZb5VFjZcW6rXPqn1ScMoPd7N1tfuVAjn2cY30UYBV6qm4PZb8RPfI4dYM0HrKpdTM36MY4VUgTsJ8WVB7S6QMWdY3UFM03FPoUqrwTEYaST3FRGBIPbEoPHr6UGnU4Fmnndqr0qmp2tbESGBZa5PMEoWAmUtQ7XUf7XrBe0aZaNRUMZcUbUSTtJWorQmWrfFMeyvoU&mediaDataID=6680176&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a103af2a4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f64800004e490c390000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 64 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a102ad6a4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://s.tribalfusion.com/z/i.match?p=b21&u=f6aa0aff0b07150b6d6e073f89d4fe cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2f5a400004e4937327000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 6A35 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209068981951&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209068981951&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=84d5d435-8bd2-11e... https://a.tribalfusion.com/i.match?p=b19&u=84d5d3fb-8bd2-11eb-b443-16ae82d33506 https://s.tribalfusion.com/z/i.match?p=b19&u=84d5d3fb-8bd2-11eb-b443-16ae82d33506	43 B 626 B	171ms 171ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b19&u=84d5d3fb-8bd2-11eb-b443-16ae82d33506 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a0mTR8pdEv36YQ4VrbVs3aUcrhS6rwTdM3WbrS3bAuWTvrVa3bSTnKRGbJPrivRdfkWGMW2FqvotirXqev4WnZbSs7Zc46MKmdPpVWjhYFQkYFYi1TuqRFFCWU3SVHJ3mU3nRUjM1TUt3TJa5qnXmEBD1rBbWWfRmAvLmG7mmHnJ3TZbg5tEN3P7JpFfZbYcfPYVFY1c7wnTB33bn5VrbZcUA7TREb0VGQGpEJEZbW&mediaDataID=9148826&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a1038f0e4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f63900004e497d9d1000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 302 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a1027d2a4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://s.tribalfusion.com/z/i.match?p=b19&u=84d5d3fb-8bd2-11eb-b443-16ae82d33506 cache-control no-cache, private content-type text/html alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0900a2f58a00004e4932384000000001 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame D10B	0 0	116ms 60ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupUGwsTjtylN0m5kjqj_SOLOdUvbZV19x2FKCIPb6UExskF0kFyrZZ10w0ST1ax1Gn8yofYFAvldT-06JXm5yI5BbbVcY7vlublFZpLSiEIJ6eVzLVzqFBrfM663nROtNwA0NvGyUt4gRi_3u3p1iY25vfO6KBIdLNW6_Mq0X7DcYG4MWXuAZomtKSz4Q2w12cPRmn00sM3evE5Xg5TsuQUPWVPyX9rfjS4DO9tBXa_RKzUO2Z7J1RSbzckV84u_qik-yVAXypz2AM5qMc-NrFjt9y0QoVpqjQPC8316TDfj6XUDUw8iyzNGor&sai=AMfl-YSTDGqC2QKyvvkLoEoNweKQ54k_wSArMURrlzCe5pRDdkUWxsflYn06ONrjWJgP4ONT4iy7uMYLFHv9TU66uWPHgOwvsMY9BTuIWvy7oOlFUdJjrM-E5ZquFVNYm3w&sig=Cg0ArKJSzC7LnfG0YV9QEAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:05 GMT
POST H2	204	performance Show response s.tribalfusion.com/cdn-cgi/beacon/ Frame E58D	0 204 B	9ms 8ms	XHR text/plain	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/cdn-cgi/beacon/performance?req_id=6347a0feeef24e49 Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://s.tribalfusion.com/p.media?clickID=aXmTR85ter3A7ZanbvHYsMS1cnU0cfNnaB45FZb5VFjZcW6rXPqn1ScMoPd7N1tfuVAjn2cY30UYBV6qm4PZb8RPfI4dYM0HrKpdTM36MY4VUgTsJ8WVB7S6QMWdY3UFM03FPoUqrwTEYaST3FRGBIPbEoPHr6UGnU4Fmnndqr0qmp2tbESGBZa5PMEoWAmUtQ7XUf7XrBe0aZaNRUMZcUbUSTtJWorQmWrfFMeyvoU&mediaDataID=6680176&mediaName=frame.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers date Tue, 23 Mar 2021 12:23:05 GMT x-content-type-options nosniff server cloudflare cf-ray 6347a104a8a44e49-FRA x-frame-options DENY
GET H2	200	i.match a.tribalfusion.com/ Frame C71B Redirect Chain https://tags.bluekai.com/site/4229?id=18072662209068981951&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID https://a.tribalfusion.com/i.match?p=b3&u=OZBP%2Fy99999LpPkQ	43 B 633 B	174ms 174ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b3&u=OZBP%2Fy99999LpPkQ Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aVmTR8SGjH2mQZboHiNUtY80bvbXbjlXTZaMPrBZcUU3SVW31mFFnRUFnXTnt5TBa4EfPmEbA1rBhWWbRmAfLpsrumtML3Tr95tun3AFGmU3EXVfSYcQ50VjNpTb43bFVVbMEUAvWRTr0ScQMPdFO1dFpT6nO4cU5XU3JUmim2PUePmMB4WvO0tnKndiw4ABS5GjbUGQcWcF7R6nnUWQ3WrMP5b2pPTnCNsDZcSg&mediaDataID=2713736&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6347a1066b4d4e49-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 cf-request-id 0900a2f80500004e49323a8000000001 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://a.tribalfusion.com/i.match?p=b3&u=OZBP%2Fy99999LpPkQ Date Tue, 23 Mar 2021 12:23:05 GMT Connection keep-alive Content-Length 0 BK-Server 8754 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2B67	42 B 501 B	58ms 39ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTvEpxG0ZmYaw0nSl2AdU7WN7UyvnVEXbi2NucPb8HlIiyovNAc_oYvuiDsNLg8K-WUJcGMJpYci0aih-Sl4jNUnyjPshI7eXg5q60Kao&sig=Cg0ArKJSzHVVwBuPUCz6EAE&id=osdim&mcvt=1000&p=357,8,957,168&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=5841399&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1616502183937&dlt=0&rpt=898&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 590F	679 B 1018 B	174ms 174ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14e2b54991b4e0a93d8284e928eb85a0f792f0b880ddcec0e1503bcf77ba20b5 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 332 cf-request-id 0900a2f7c400004e4920994000000001 x-function 153 last-modified Tue, 04 Apr 2017 05:09:56 GMT server cloudflare x-reuse-index 30 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 6347a1060aa44e49-FRA expires Mon, 21 Jun 2021 12:23:06 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 126 B	47ms 46ms	XHR text/plain	18.202.37.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.37.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-37-41.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Tue, 23 Mar 2021 12:23:06 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 590F	20 B 621 B	182ms 182ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=tinyurlcom&adSpace=nobackfill&center=1&noAd=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Ftinyurl.com%2F5y7zhd2eWarm&f=1&p=2107316&tKey=aCmneM2UeoWEMtTaU8Sa3Za5bZbvPRy25M&a=7&adContainerId=richmedia_8&rnd=2108482 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/real/tags/TinyURLcom/NoBackfill/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 217bab4b917050f880628e822c751053b9f0220011a1e2d2d36627daacb3da2b Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT content-encoding none cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20 cf-request-id 0900a2f87400004e492ca3d000000001 pragma no-cache x-function 101 server cloudflare x-reuse-index 216 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 6347a1071c804e49-FRA expires 0
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 894B	0 0	58ms 58ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoD4tyr3f9QaNv2zzELdIrPMXzb0G2y-_25kgQgH9vzaCbHRwnU2U7pFDx0sj77NuHPJqfCU03Pf2y4QJea1otwgd_G6XjenZ2-a-InO1TX9I8WaDSVMlxoUmdrR2_v8uCY1zMu_SQm1GFIRHHRkgVwkkIvDv8v0MLkmxonDRCANbzGMPbDc1pzk4E0eBZpOjiV9NfCCvodrv-o9qJQWF8AVvVHsDSOyUXqWcvXOTNUFdb_RIicaoKnVmmxRj1USfWgBUxrw4mLRiWVnIE_QVl-OUlcQ7Sza3YMVucObe4Hnn0HrKhEC_WOes&sai=AMfl-YQcZ67PkSIqWLF23H-psiMJzMYyCRzekWCB3cOwJf_biMP7ABzzBF7tNN0PVIaYmyweEeqrZ9_cDwpJuL8QOcv79t_lKkZbBfQolHHJMsYTBVnEQUgQ-nAZwhqlwsM&sig=Cg0ArKJSzMgUkWEJKWSgEAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:06 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:06 GMT
GET DATA	200 OK	truncated / Frame 590F	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2a1037733cdf64bc617d685e73d1e6223610d138b00272bf1b06a70a5a0bf81f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-Q050	200	view securepubads.g.doubleclick.net/pcs/ Frame 590F	0 0	59ms 59ms	Fetch image/gif	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYpG_T0pRdyUuyO7M_f5Uin079UCSrxSpDk9ZdGKOTE1g48CN5Pgr3urYwmNbbM_q_2ipKowh0jHUFGQZvSAueo_VuFiXbQlOR1NN5GZ56zu_yyHR7JoGNLGhqCl1ShL2DcllgBmjM8_8BeeGFbOTfxiZnHBsFNluj_-8YPi_KqU4hI1N8pe2pmSWH13epYRRJn9Lb2DlMjZvn8hpUxE_0HDXHvmQYO6LFtTKuy1izTB50ZhR94amEiILADXZAO98J0fVWsCifd7J2G5h43JyRJ4DW9AukCANYpxNnGlVQ79yRMmfwDDj4Fw&sig=Cg0ArKJSzF6nf0E94HdgEAE&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 23 Mar 2021 12:23:06 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 23 Mar 2021 12:23:06 GMT
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D10B	42 B 155 B	39ms 39ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstaYJ1gefIz5d_yIQ6ezzT1jWGLM4ORqPLmS8eT8LiyuJt8Z3JCHFIH3SKijCeN8IIkDmRJDiEV6kukeW-i8LcYW-OKnqAK42iqs8lEkM&sig=Cg0ArKJSzNueygVbZBxTEAE&id=osdim&mcvt=1000&p=123,523,213,1251&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2646619246&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1616502183938&dlt=0&rpt=868&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/ib/static/usersync/v3/ Frame ACEE	995 B 1 KB	82ms 25ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39 Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tinyurl.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers Connection keep-alive Content-Length 506 Server nginx/1.13.10 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Thu, 06 May 2021 05:24:22 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Tue, 23 Mar 2021 12:23:06 GMT Age 27759524 X-Served-By cache-lga21949-LGA, cache-fra19173-FRA X-Cache HIT, HIT X-Cache-Hits 652004, 1163475 X-Timer S1616502187.794254,VS0,VE0 Vary Accept-Encoding
GET H2	204	index.html cdn.districtm.io/ids/ Frame 4152	0 0	26ms 25ms	Document text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:06 GMT set-cookie __cfduid=d99d58e1e58610691f4773d6a2c294d221616502186; expires=Thu, 22-Apr-21 12:23:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS cf-request-id 0900a2faf40000cc428930f000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 6347a10b1d5bcc42-ZRH
GET H2	200	sync Show response eb2.3lift.com/ Frame 6D10 Redirect Chain https://eb2.3lift.com/sync? https://eb2.3lift.com/sync?&ld=1	1 KB 1 KB	24ms 24ms	Document text/html	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?&ld=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 987bf516c2f279f4655b16c9fdd7ab1f68c406843dc0a566d36d88402ab3d71b Request headers :method GET :authority eb2.3lift.com :scheme https :path /sync?&ld=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie tluid=2702532730809014136 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:06 GMT content-type text/html; charset=utf-8 content-length 477 set-cookie sync=CgoIgQIQv8an-IUvCgoIkQIQv8an-IUvCgoI4gEQv8an-IUvCgoIkgIQv8an-IUvCgoI5gEQv8an-IUvCgoIhwIQv8an-IUvCgkIOhC_xqf4hS8KCQgLEL_Gp_iFLwoJCF8Qv8an-IUvCgkIHxC_xqf4hS8=; Max-Age=7776000; Expires=Mon, 21 Jun 2021 12:23:06 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2702532730809014136; Max-Age=7776000; Expires=Mon, 21 Jun 2021 12:23:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure content-encoding gzip p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" cache-control no-cache, no-store, must-revalidate Redirect headers date Tue, 23 Mar 2021 12:23:06 GMT content-length 0 set-cookie tluid=2702532730809014136; Max-Age=7776000; Expires=Mon, 21 Jun 2021 12:23:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure location /sync?&ld=1 cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync Show response eb2.3lift.com/ Frame 8DC8 Redirect Chain https://eb2.3lift.com/sync? https://eb2.3lift.com/sync?&ld=1	1 KB 1 KB	24ms 24ms	Document text/html	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?&ld=1 Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 987bf516c2f279f4655b16c9fdd7ab1f68c406843dc0a566d36d88402ab3d71b Request headers :method GET :authority eb2.3lift.com :scheme https :path /sync?&ld=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US cookie tluid=2702532730809014136 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:06 GMT content-type text/html; charset=utf-8 content-length 477 set-cookie sync=CgoIgQIQv8an-IUvCgoIkQIQv8an-IUvCgoI4gEQv8an-IUvCgoIkgIQv8an-IUvCgoI5gEQv8an-IUvCgoIhwIQv8an-IUvCgkIOhC_xqf4hS8KCQgLEL_Gp_iFLwoJCF8Qv8an-IUvCgkIHxC_xqf4hS8=; Max-Age=7776000; Expires=Mon, 21 Jun 2021 12:23:06 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2702532730809014136; Max-Age=7776000; Expires=Mon, 21 Jun 2021 12:23:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure content-encoding gzip p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" cache-control no-cache, no-store, must-revalidate Redirect headers date Tue, 23 Mar 2021 12:23:06 GMT content-length 0 set-cookie tluid=15849936616289015833; Max-Age=7776000; Expires=Mon, 21 Jun 2021 12:23:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure location /sync?&ld=1 cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	204	index.html cdn.districtm.io/ids/ Frame E895	0 0	29ms 27ms	Document text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tinyurl.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers date Tue, 23 Mar 2021 12:23:06 GMT set-cookie __cfduid=d99d58e1e58610691f4773d6a2c294d221616502186; expires=Thu, 22-Apr-21 12:23:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS cf-request-id 0900a2faf50000cc424f1da000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 6347a10b2d5ccc42-ZRH
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/ib/static/usersync/v3/ Frame 7A12	995 B 1 KB	76ms 23ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: tinyurl.com URL: https://tinyurl.com/5y7zhd2eWarm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39 Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tinyurl.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://tinyurl.com/ Response headers Connection keep-alive Content-Length 506 Server nginx/1.13.10 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Thu, 06 May 2021 05:24:22 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Tue, 23 Mar 2021 12:23:06 GMT Age 27759524 X-Served-By cache-lga21949-LGA, cache-fra19175-FRA X-Cache HIT, HIT X-Cache-Hits 652004, 1511505 X-Timer S1616502187.794634,VS0,VE0 Vary Accept-Encoding
GET H2	200	QANT c.deployads.com/cs/ Redirect Chain https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0 https://c.deployads.com/cs/QANT?gdpr=1&b=hHlj5dYtN72fK2Dliih7udd_ZrifLGHp03rUHWgO	43 B 306 B	47ms 47ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/QANT?gdpr=1&b=hHlj5dYtN72fK2Dliih7udd_ZrifLGHp03rUHWgO Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://c.deployads.com/cs/QANT?gdpr=1&b=hHlj5dYtN72fK2Dliih7udd_ZrifLGHp03rUHWgO cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	bswt c.deployads.com/cs/ Redirect Chain https://x.bidswitch.net/sync?ssp=sortable https://x.bidswitch.net/ul_cb/sync?ssp=sortable https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=sortable https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sortable https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1770b6de-f09d-4763-b4f4-9f35c105e55e&ssp=sortable https://c.deployads.com/cs/bswt?b=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&i=	43 B 369 B	48ms 46ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/bswt?b=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&i= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location //c.deployads.com/cs/bswt?b=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&i= date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://x.bidswitch.net/sync?ssp=sonobi https://x.bidswitch.net/ul_cb/sync?ssp=sonobi https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&google_hm=MzVmOWJiOWUtZjBjYi00NjRlLThkNWItMzMzOTJhNTZjM2Uy https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2&google_hm=MzVmOWJiOWUtZjBjYi00NjRlLThkNWItMzMzOTJhNTZjM2U... https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDcaT0zXWei2LaY0MhQnrPU&google_cver=1&ssp=sonobi&bsw_param=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2 https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2	49 B 509 B	74ms 41ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers location //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=35f9bb9e-f0cb-464e-8d5b-33392a56c3e2 date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.1rx.io/usersync2/sortable https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1165140911 https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1165140911 https://sync.1rx.io/usersync/tradedesk/0d1c209c-4d01-440c-b17a-6e8509859aed https://sync.targeting.unrulymedia.com/csync/RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0713d9dd-f378-4120-b165-11e... https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003	49 B 509 B	41ms 41ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:06 GMT Server Tengine ETag RX0713d9ddf3784120b16511ef4f4b86f0003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003 Connection keep-alive Content-Type text/html
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://p.rfihub.com/cm?pub=35683&in=1 https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758868824953862	49 B 509 B	45ms 45ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758868824953862 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Location https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978758868824953862 Date Tue, 23 Mar 2021 12:23:07 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2773415267 https://sync.1rx.io/usersync/tradedesk/b20d4a16-ff84-4d7b-8369-db4a6f020976 https://sync.targeting.unrulymedia.com/csync/RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0713d9dd-f378-4120-b165-11e... https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003	49 B 513 B	62ms 38ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:06 GMT Server Tengine ETag RX0713d9ddf3784120b16511ef4f4b86f0003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0713d9dd-f378-4120-b165-11ef4f4b86f0-003 Connection keep-alive Content-Type text/html
GET H2	200	TTD c.deployads.com/cs/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 https://c.deployads.com/cs/TTD?b=b20d4a16-ff84-4d7b-8369-db4a6f020976	43 B 338 B	47ms 45ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/TTD?b=b20d4a16-ff84-4d7b-8369-db4a6f020976 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://c.deployads.com/cs/TTD?b=b20d4a16-ff84-4d7b-8369-db4a6f020976 cache-control private,no-cache, must-revalidate content-type text/html content-length 169
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4386059-ddaa-4400-a475-5212d2848cdc	49 B 509 B	168ms 42ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4386059-ddaa-4400-a475-5212d2848cdc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Tue, 23 Mar 2021 12:23:10 GMT Server MT3 3611 f10363c master zrh-pixel-x26 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4386059-ddaa-4400-a475-5212d2848cdc Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 23 Mar 2021 12:23:09 GMT
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= https://sync.go.sonobi.com/us.gif?nw=td&nuid=b20d4a16-ff84-4d7b-8369-db4a6f020976&pubid=fb9580c293	49 B 513 B	154ms 38ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=td&nuid=b20d4a16-ff84-4d7b-8369-db4a6f020976&pubid=fb9580c293 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.go.sonobi.com/us.gif?nw=td&nuid=b20d4a16-ff84-4d7b-8369-db4a6f020976&pubid=fb9580c293 cache-control private,no-cache, must-revalidate content-type text/html content-length 227
GET H2	200	cent c.deployads.com/cs/ Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99 https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99 https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i... https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D8ed62e50-c74f... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D8ed62e5... https://c.deployads.com/cs/cent?b=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&gdpr=0&gdpr_consent=	43 B 409 B	46ms 46ms	Image image/gif	52.215.62.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.deployads.com/cs/cent?b=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.62.106 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-62-106.eu-west-1.compute.amazonaws.com Software SortableCactus/1.0 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:07 GMT cache-control no-cache server SortableCactus/1.0 content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Tue, 23 Mar 2021 12:23:07 GMT via 1.1 google server Jetty(9.4.28.v20200408) strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" location https://c.deployads.com/cs/cent?b=8ed62e50-c74f-45e4-b2d7-a0bce17cc313-6059ddaa-4348&gdpr=0&gdpr_consent= alt-svc clear content-length 0
GET H/1.1	200 OK	bounce Show response secure.adnxs.com/ Frame 7A12 Redirect Chain https://secure.adnxs.com/async_usersync?cbfn=AN_async_load https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load	0 820 B	44ms 44ms	Script text/html	185.33.221.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80 AN-X-Request-Uuid 56e35b93-95cd-4b70-bbeb-b005283b9886 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80 AN-X-Request-Uuid 07d7c1ac-c32b-433c-8ad0-b1a702ef7c63 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce Show response secure.adnxs.com/ Frame ACEE Redirect Chain https://secure.adnxs.com/async_usersync?cbfn=AN_async_load https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load	0 821 B	39ms 37ms	Script text/html	185.33.221.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.239:80 AN-X-Request-Uuid b2e3305c-dcc0-4dca-83ef-362e750c713c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80 AN-X-Request-Uuid 7adea8ea-248d-498a-a739-80561132f24b Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 8DC8	70 B 264 B	52ms 45ms	Image image/gif	54.72.237.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.237.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	xuid eb2.3lift.com/ Frame 8DC8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJum3ruuxC7ECQVx7lPCklI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1	37 B 351 B	26ms 25ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJum3ruuxC7ECQVx7lPCklI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJum3ruuxC7ECQVx7lPCklI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 8DC8 Redirect Chain https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D	170 B 201 B	37ms 37ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	c.gif c.bing.com/ Frame 8DC8	42 B 414 B	34ms 27ms	Image image/gif	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?xid=2702532730809014136&Red3=TLMS_pd Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT etag "506f5bd17ad71:0" last-modified Tue, 23 Feb 2021 19:11:50 GMT x-msedge-ref Ref A: 71133A38C6AE41AA870C87DED679C7A8 Ref B: FRAEDGE1309 Ref C: 2021-03-23T12:23:06Z x-powered-by ASP.NET p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42
GET H2	200	xuid eb2.3lift.com/ Frame 8DC8 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/triplelift/2702532730809014136?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2662&xuid=y-DMimctVE2oRziKheOcZ46zewe98E9d5i98t6iYkm4Q--~A&dongle=0883	37 B 351 B	26ms 26ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2662&xuid=y-DMimctVE2oRziKheOcZ46zewe98E9d5i98t6iYkm4Q--~A&dongle=0883 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers date Tue, 23 Mar 2021 12:23:06 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://eb2.3lift.com/xuid?mid=2662&xuid=y-DMimctVE2oRziKheOcZ46zewe98E9d5i98t6iYkm4Q--~A&dongle=0883 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame 8DC8 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D https://eb2.3lift.com/xuid?mid=3335&xuid=2873145932841728330&dongle=4d58&gdpr=1&gdpr_consent=	37 B 351 B	25ms 24ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=3335&xuid=2873145932841728330&dongle=4d58&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80 AN-X-Request-Uuid d943e2ac-7a4f-42fe-9df9-0239f4d3cdf1 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eb2.3lift.com/xuid?mid=3335&xuid=2873145932841728330&dongle=4d58&gdpr=1&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	iu3 s.amazon-adsystem.com/ Frame 8DC8 Redirect Chain https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2702532730809014136 https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t	0 0	121ms 120ms	Image text/html	52.94.232.32 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Server Server Vary User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame 8DC8 Redirect Chain https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1	37 B 139 B	24ms 24ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:07 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers Location https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 95 Content-Type text/html; charset=utf-8
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame 8DC8	0 0	81ms 40ms	Image text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2702532730809014136 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame 8DC8	0 0	118ms 43ms	Image text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2702532730809014136 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 6D10	70 B 264 B	51ms 46ms	Image image/gif	54.72.237.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.237.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	xuid eb2.3lift.com/ Frame 6D10 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-3dXtSPJBnNYTh-QLsBpM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1	37 B 351 B	26ms 26ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-3dXtSPJBnNYTh-QLsBpM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-3dXtSPJBnNYTh-QLsBpM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 6D10 Redirect Chain https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D	170 B 190 B	38ms 37ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjcwMjUzMjczMDgwOTAxNDEzNg%3D%3D date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	c.gif c.bing.com/ Frame 6D10	42 B 246 B	32ms 28ms	Image image/gif	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?xid=2702532730809014136&Red3=TLMS_pd Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:06 GMT etag "506f5bd17ad71:0" last-modified Tue, 23 Feb 2021 19:11:50 GMT x-msedge-ref Ref A: 5C362E908BBE4C86ADE0B30927FAE48C Ref B: FRAEDGE1309 Ref C: 2021-03-23T12:23:06Z x-powered-by ASP.NET p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42
GET H2	200	xuid eb2.3lift.com/ Frame 6D10 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/triplelift/2702532730809014136?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZH0qlCVE2oQBFrVCaWWTsqhwsFOXu1Cel9ZRTmcHlQ--~A&dongle=0883	37 B 351 B	26ms 26ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZH0qlCVE2oQBFrVCaWWTsqhwsFOXu1Cel9ZRTmcHlQ--~A&dongle=0883 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:06 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers date Tue, 23 Mar 2021 12:23:06 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://eb2.3lift.com/xuid?mid=2662&xuid=y-ZH0qlCVE2oQBFrVCaWWTsqhwsFOXu1Cel9ZRTmcHlQ--~A&dongle=0883 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame 6D10 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D https://eb2.3lift.com/xuid?mid=3335&xuid=8133114071297073437&dongle=4d58&gdpr=1&gdpr_consent=	37 B 351 B	26ms 25ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=3335&xuid=8133114071297073437&dongle=4d58&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:07 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:06 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.53:80 AN-X-Request-Uuid f2cef6ca-8006-47bf-8559-8544f14d42e5 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eb2.3lift.com/xuid?mid=3335&xuid=8133114071297073437&dongle=4d58&gdpr=1&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	iu3 s.amazon-adsystem.com/ Frame 6D10 Redirect Chain https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2702532730809014136 https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t	0 0	127ms 127ms	Image text/html	52.94.232.32 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Server Server Vary User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2702532730809014136&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame 6D10 Redirect Chain https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1	37 B 139 B	24ms 24ms	Image image/gif	18.158.81.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 12:23:07 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers Location https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 Pragma no-cache Date Tue, 23 Mar 2021 12:23:07 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 95 Content-Type text/html; charset=utf-8
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame 6D10	0 0	107ms 35ms	Image text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2702532730809014136 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame 6D10	0 0	118ms 46ms	Image text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2702532730809014136 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync?&ld=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 894B	42 B 89 B	39ms 39ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXwjpT49bmW6VoiDqYWGKIEfWkRLmOMiFKLgESH1j66w_I5nPTUPHbJ6FnMY2xlPrbWYb9Th5sBRobikl3nVd_BvD7BgD5dvz9HM_-7ug&sig=Cg0ArKJSzCBOc-deNJtgEAE&id=osdim&mcvt=1000&p=243,1280,493,1580&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1681971775&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1616502183938&dlt=0&rpt=870&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 590F	42 B 66 B	39ms 39ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCcT8blkQtn7-B32Kya7roeKxiueZWwzrMiQcfNRje31oghh_1PTwIfD4g4X2xBi0kTskZ40liJH8dmmVJfcy-CdNUwp82wau2C78kwQ8&sig=Cg0ArKJSzHvI224NVTfnEAE&id=osdim&mcvt=1000&p=1100,436,1190,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=103630569&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1616502184251&dlt=0&rpt=2067&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 23 Mar 2021 12:23:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	tinyurl.com Show response e.deployads.com/e/	2 B 126 B	46ms 46ms	XHR text/plain	18.202.37.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://e.deployads.com/e/tinyurl.com Requested by Host: tags-cdn.deployads.com URL: https://tags-cdn.deployads.com/a/tinyurl.com.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.37.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-37-41.eu-west-1.compute.amazonaws.com Software Jetty(7.6.12.v20130726) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tinyurl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Tue, 23 Mar 2021 12:23:07 GMT server Jetty(7.6.12.v20130726) content-length 2 content-type text/plain;charset=UTF-8