tinyurl.com Open in urlscan Pro
2606:4700:10::ac43:1e1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tinyurl.com/
Effective URL:
https://tinyurl.com/app
Submission: On July 20 via manual (July 20th 2023, 10:34:37 am UTC) from FR — Scanned from FR

Summary HTTP 245 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 92 IPs in 8 countries across 75 domains to perform 245 HTTP transactions. The main IP is 2606:4700:10::ac43:1e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is tinyurl.com. The Cisco Umbrella rank of the primary domain is 17523.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.

This is the only time tinyurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8b41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2606:4700:10:... 2606:4700:10::ac43:1e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:14ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	18.173.187.81 18.173.187.81	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	34.160.152.31 34.160.152.31	15169 (GOOGLE) (GOOGLE)
1	13.227.219.28 13.227.219.28	16509 (AMAZON-02) (AMAZON-02)
1 3	18.65.39.70 18.65.39.70	16509 (AMAZON-02) (AMAZON-02)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:440... 2606:4700:4400::ac40:99f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2	34.160.128.112 34.160.128.112	15169 (GOOGLE) (GOOGLE)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	18.66.192.96 18.66.192.96	16509 (AMAZON-02) (AMAZON-02)
1	44.228.239.46 44.228.239.46	16509 (AMAZON-02) (AMAZON-02)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.139.35 52.222.139.35	16509 (AMAZON-02) (AMAZON-02)
4	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	46.51.194.233 46.51.194.233	16509 (AMAZON-02) (AMAZON-02)
2	34.107.140.113 34.107.140.113	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.197.190.58 18.197.190.58	16509 (AMAZON-02) (AMAZON-02)
7	18.193.5.151 18.193.5.151	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.240.83.116 34.240.83.116	16509 (AMAZON-02) (AMAZON-02)
1	3.75.115.20 3.75.115.20	16509 (AMAZON-02) (AMAZON-02)
3 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c3:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.209.239.88 23.209.239.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
3 6	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
7 14	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	23.213.169.149 23.213.169.149	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
20	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	38.133.127.31 38.133.127.31	() ()
1	151.101.1.108 151.101.1.108	() ()
2	23.213.168.238 23.213.168.238	() ()
1	13.248.245.213 13.248.245.213	() ()
2	95.101.149.233 95.101.149.233	() ()
4 5	18.159.220.108 18.159.220.108	() ()
2 3	2a05:d018:d29... 2a05:d018:d29:3605:f284:42bf:7c5f:c715	() ()
2 3	185.64.190.78 185.64.190.78	() ()
1	213.155.156.169 213.155.156.169	() ()
1 1	178.250.7.11 178.250.7.11	() ()
9	185.64.190.80 185.64.190.80	() ()
1 1	193.0.160.131 193.0.160.131	() ()
4	198.47.127.205 198.47.127.205	() ()
1 1	52.54.23.208 52.54.23.208	() ()
1	82.145.213.8 82.145.213.8	() ()
1 2	151.101.130.49 151.101.130.49	() ()
1 1	35.214.205.40 35.214.205.40	() ()
1	173.231.180.197 173.231.180.197	() ()
1	195.5.165.20 195.5.165.20	() ()
1	35.186.193.173 35.186.193.173	() ()
1 1	34.102.163.6 34.102.163.6	() ()
1	52.31.235.128 52.31.235.128	() ()
2 2	34.111.129.221 34.111.129.221	() ()
1	34.111.131.239 34.111.131.239	() ()
1	35.204.158.49 35.204.158.49	() ()
1	3.71.149.231 3.71.149.231	() ()
2 2	108.128.57.78 108.128.57.78	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	98.98.134.241 98.98.134.241	() ()
1 1	134.122.57.34 134.122.57.34	() ()
4 4	69.173.144.139 69.173.144.139	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 2	69.173.144.165 69.173.144.165	() ()
245	92

1 2606:4700:10::6814:8b41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:1e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:14ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-81.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.39.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-70.ams1.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com

api.floors.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.192.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-96.muc50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.228.239.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-239-46.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-35.ams50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.194.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-194-233.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com

s2s.t13.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.190.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-190-58.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.193.5.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.83.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-83-116.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.115.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-115-20.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.239.88 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-239-88.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.25 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.95.125.22 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.169.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-169-149.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mcdp-nldc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.133.127.31 (None, )

ASN- ()

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.168.238 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.159.220.108 (None, ) 4 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:f284:42bf:7c5f:c715 (None, ) 2 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.169 (None, )

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.205 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.23.208 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.205.40 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, )

ASN- ()

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (None, ) 1 redirects

ASN- ()

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.235.128 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (None, ) 2 redirects

ASN- ()

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (None, )

ASN- ()

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.57.78 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	160 KB
24	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 ad.doubleclick.net — Cisco Umbrella Rank: 186 cm.g.doubleclick.net — Cisco Umbrella Rank: 243 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355	208 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 322	1 MB
19	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 583 ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com	30 KB
17	pub.network a.pub.network — Cisco Umbrella Rank: 5473 d.pub.network — Cisco Umbrella Rank: 5666 c.pub.network — Cisco Umbrella Rank: 5409	382 KB
13	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 364 aax.amazon-adsystem.com — Cisco Umbrella Rank: 451 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1078 s.amazon-adsystem.com Failed	70 KB
11	tinyurl.com 2 redirects tinyurl.com — Cisco Umbrella Rank: 17523	1 MB
9	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 567 eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	14 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1320 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3309 odb.outbrain.com — Cisco Umbrella Rank: 2577 mcdp-nldc1.outbrain.com — Cisco Umbrella Rank: 33423	99 KB
7	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1305	1 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 425 bidder.criteo.com — Cisco Umbrella Rank: 727 mug.criteo.com — Cisco Umbrella Rank: 2424 dis.criteo.com	8 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1780 q.stripe.com — Cisco Umbrella Rank: 17709 m.stripe.com — Cisco Umbrella Rank: 1651	146 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com	21 KB
6	bidswitch.net 4 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1148 x.bidswitch.net	2 KB
5	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9178 images.outbrainimg.com — Cisco Umbrella Rank: 1874 log.outbrainimg.com	28 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	4 KB
4	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1490 google-bidout-d.openx.net — Cisco Umbrella Rank: 1488 eu-u.openx.net — Cisco Umbrella Rank: 2676	1 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 856 id5-sync.com — Cisco Umbrella Rank: 426	50 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	1 KB
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2179	373 B
4	btloader.com btloader.com — Cisco Umbrella Rank: 993 api.btloader.com — Cisco Umbrella Rank: 1131	84 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	897 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 601	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 876 sync.crwdcntrl.net	12 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1226 pixel.quantserve.com — Cisco Umbrella Rank: 919 cms.quantserve.com	10 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	5 KB
2	avct.cloud 2 redirects ads.avct.cloud	1 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net	770 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	113 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 595	60 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1611	315 B
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 678	222 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 644 eb2.3lift.com	696 B
2	t13.io s2s.t13.io — Cisco Umbrella Rank: 5070	435 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1914	16 KB
2	floors.dev api.floors.dev — Cisco Umbrella Rank: 8438	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1154	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1771	305 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1528	94 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 6751	1 KB
2	gstatic.com fonts.gstatic.com	48 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 724 script.hotjar.com — Cisco Umbrella Rank: 889	73 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	126 KB
1	linkedin.com px.ads.linkedin.com	651 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	555 B
1	sitescout.com pixel-sync.sitescout.com	187 B
1	turn.com 1 redirects ad.turn.com	518 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	simpli.fi um.simpli.fi	611 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com	308 B
1	ctnsnet.com ipac.ctnsnet.com	361 B
1	iprom.net core.iprom.net	277 B
1	adgrx.com cm.adgrx.com	282 B
1	loopme.me 1 redirects csync.loopme.me	226 B
1	opera.com t.adx.opera.com	413 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	rfihub.com 1 redirects p.rfihub.com	793 B
1	de17a.com d5p.de17a.com	125 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1091	398 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1388	17 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1598	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1620	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	902 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2336	10 KB
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6620	466 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
0	audrte.com Failed a.audrte.com Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	tribalfusion.com Failed s.tribalfusion.com Failed
0	smartadserver.com Failed rtb-csync.smartadserver.com Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	intentiq.com Failed api.intentiq.com Failed
245	75

	Domain	Requested by
20	s0.2mdn.net	tinyurl.com s0.2mdn.net
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
14	cm.g.doubleclick.net	7 redirects google-bidout-d.openx.net googleads.g.doubleclick.net
11	tinyurl.com	2 redirects tinyurl.com
10	c.pub.network	a.pub.network
9	simage2.pubmatic.com	ads.pubmatic.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com tinyurl.com s0.2mdn.net
7	btlr.sharethrough.com	a.pub.network
6	aax-eu.amazon-adsystem.com	3 redirects google-bidout-d.openx.net ads.pubmatic.com
6	a.pub.network	tinyurl.com a.pub.network
5	x.bidswitch.net	4 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects a.pub.network acdn.adnxs.com
5	securepubads.g.doubleclick.net	a.pub.network securepubads.g.doubleclick.net tinyurl.com www.googletagservices.com
4	token.rubiconproject.com	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	widgets.outbrain.com	securepubads.g.doubleclick.net widgets.outbrain.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	match.adsrvr.org	a.pub.network google-bidout-d.openx.net ads.pubmatic.com
4	gum.criteo.com	1 redirects a.pub.network static.criteo.net
4	id.hadron.ad.gt	cdn.hadronid.net a.pub.network
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com
3	images.outbrainimg.com
3	c1.adform.net	3 redirects
3	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
3	q.stripe.com	tinyurl.com
3	api.btloader.com	freestar-io.videoplayerhub.com
3	js.stripe.com	tinyurl.com js.stripe.com
3	sb.scorecardresearch.com	1 redirects a.pub.network tinyurl.com
2	pixel.rubiconproject.com	1 redirects
2	ads.avct.cloud	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	a.pub.network eus.rubiconproject.com
2	ads.pubmatic.com	a.pub.network ads.pubmatic.com
2	googleads4.g.doubleclick.net	tinyurl.com
2	googleads.g.doubleclick.net	49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
2	static.criteo.net	a.pub.network static.criteo.net
2	49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	ads.yieldmo.com	a.pub.network
2	s2s.t13.io	a.pub.network
2	id5-sync.com	cdn.id5-sync.com
2	oajs.openx.net	1 redirects
2	cdn.id5-sync.com	securepubads.g.doubleclick.net tinyurl.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	api.floors.dev	a.pub.network
2	ad-delivery.net	tinyurl.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.confiant-integrations.net	a.pub.network cdn.confiant-integrations.net
2	optimise.net	a.pub.network
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	tinyurl.com www.googletagmanager.com
1	px.ads.linkedin.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	ad.mrtnsvr.com	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	t.adx.opera.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	dis.criteo.com	1 redirects
1	d5p.de17a.com	ads.pubmatic.com
1	eb2.3lift.com	a.pub.network
1	acdn.adnxs.com	a.pub.network
1	log.outbrainimg.com	widgets.outbrain.com
1	mcdp-nldc1.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	tinyurl.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	mug.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	eu-u.openx.net	google-bidout-d.openx.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	pixel.quantserve.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	secure.cdn.fastclick.net	tinyurl.com
1	rules.quantcount.com	secure.quantserve.com
1	bidder.criteo.com	a.pub.network
1	grid.bidswitch.net	a.pub.network
1	hbopenbid.pubmatic.com	a.pub.network
1	tlx.3lift.com	a.pub.network
1	fastlane.rubiconproject.com	a.pub.network
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	secure.quantserve.com	a.pub.network
1	m.stripe.com	m.stripe.network
1	ad.doubleclick.net	tinyurl.com
1	cdn.hadronid.net	tinyurl.com
1	btloader.com	tinyurl.com
1	freestar-io.videoplayerhub.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	d.pub.network	a.pub.network
1	static.hotjar.com	tinyurl.com
1	fonts.googleapis.com	tinyurl.com
0	s.amazon-adsystem.com Failed
0	a.audrte.com Failed	ads.pubmatic.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	s.tribalfusion.com Failed	ads.pubmatic.com
0	rtb-csync.smartadserver.com Failed	ads.pubmatic.com
0	dsp.adfarm1.adition.com Failed	ads.pubmatic.com
0	api.intentiq.com Failed	a.pub.network
245	117

This site contains links to these domains. Also see Links.

Domain
ads.freestar.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
d.pub.network GTS CA 1D4	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
optimise.net GTS CA 1D4	`2023-05-26` - `2023-08-24`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
hadronid.net GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
api.floors.dev GTS CA 1D4	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-28` - `2023-09-30`	3 months	crt.sh
c.pub.network GTS CA 1D4	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
s2s.t13.io GTS CA 1D4	`2023-07-16` - `2023-10-14`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://tinyurl.com/app
Frame ID: 015540D20B453FA8A56969B8C2EE4F4A
Requests: 98 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C698C46F5F660BBD0DA846E74F6B856B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7CEF896FA632A18E4EA068A91881F24E
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 657081318ED56BD1C9BA9FA2A599341A
Requests: 6 HTTP requests in this frame

Frame: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5F5541BA6D5ABC6C21B4C57F3761A7E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D0D94390411D7582F683EEDB22B1717
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6321B8579ADA73398F9AB293DF59ED3D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tinyurl.com
Frame ID: BDBD4C979C3C2B4F60202033818DEA1C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMu7gjBtUB0GDv_LeD9ldBG20x_9NdEZTizXw6kDwAefc5RX6eLFPONgb9-zr1CPNjulkArn0-gBku5jJOVW4HRck7qf3n7ercIGgGW0JtS7lCXk0T0Vbl5b8VXcvmuPrdHKdWYjhyzmR-fdF472MkKEGo520iWcRy8TRpbvbHyInIvfyy6HUpHUW1fmUhuSHwt26O1VSRv4YezeS7VaiWKOzFTNwL3hTpXQ4WwIVEnxJNYUWuvoa4KuX3e-lo9DkXA5hI8Ek59pJdo5a1IBb6_6LoJ6etTBJq9BO0I-bBQFX_yOz5FQwuk8bs9quKDmBcCDX646NJnpGofbv9ZMn3R7nZnJC8jMX7F9amgxue&sai=AMfl-YSOvc5H72R_Ig_3yFud-998mPSf9KwZbdeGUjU6GlpWIzRqvCBYY7giqMHOu0RfPWyy8RrN6S-r10WmHaQF6a4Gf3SvineyeTPK8IA0Y-fgcCMLZ_XF8jO84fJc_95-B3NE1NBcDJiaERe68Iqw&sig=Cg0ArKJSzJPtweMeJDdZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F0504952543F45F969384CC6D89AEE06
Requests: 16 HTTP requests in this frame

Frame: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 577D4CEF6D78CFF04DA39FFFF87BFA63
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQt9SFAhjA_IDkATAB&v=APEucNUZH3_uGuXvtX5V_JeV2Udms_lf5pTEy7WIzw-U5ACywTns4-YTmywzKgdTcD7hElz6vWo7yJV7lzUK7sNvyD5nv2887Nr4-w6U0tls3cGf2ubalYP3y87VfU6VME-L6uikx_TwdUAr7HAEZCR1jMSc244A00O79wbmdnk0O301UOcs_EM
Frame ID: F5739F99849179913A47C17ED2D9A434
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 58C4D046472E01CEAF3EE42E5452DC59
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
Frame ID: 19671A57DE6FF9224B456977871B77A7
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js
Frame ID: 331A602B4F7F8572DED11392DA193403
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 078911D2D9A4CE5EBB383261FE68F21D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8A86D1F77C3203182B911CC1A57E625A
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: EF3D42AF05A29BE3E889B32D0D530078
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 9F3B031E56EDCD32F368C12DF3233CDE
Requests: 18 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: C09B698E80FB396A1F52F0C6E5D15760
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EF4F8C6F54656B78B5B06E93C0D89838
Requests: 10 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 95557B1BE49B9DB34D30C89CE6855767
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 3E33EC32FD11E62704CDD494C3BD1822
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327495547637
Frame ID: BE0F0D7E405B07E4854BAB31D1FD4FBB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: DA6580990FD3F3B4F006BA967A988F02
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7I99JniPfWE42yvneBy9J60bKyE4D70n7I1keZ7
Frame ID: 60E4BF757F5030FE6FB2EF9DBFF6E1D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=604812902474433476&gdpr=0&gdpr_consent=
Frame ID: E868A9F70A5DE8E717C2D2E27B2EDF20
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: 553BA895051D319DBAAE1315C73990B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0-cubujQXzZhnCACY2mRC7IhkLM&gdpr=0&gdpr_consent=
Frame ID: 8BBCA82CC73B309E9354B5CC93D99A55
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 7869D4D2798B2C2E5000884648602C36
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE6j07JchsAACSyTbgeqQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Frame ID: B2111D690C7C2DD20FB9B4FB9620DE67
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLkNvAACOU0ssQAb
Frame ID: AB0112768C490EB9CB0BEE5EC627535F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A298874754C317089C9AF2BE55574AEC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6E447C7067F5D77959EFFED60DA7495E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 5BE5DF250B7EE5055980AF7A7DFC9520
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: AEFB570DA351A3F3850085AEFB29D522
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A4F0658D3A81A2724F553DF3F35B4CA1
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 7C88A2E3460557877D1C444F9DCC2955
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=
Frame ID: F521ED9AFAAC37AEE5733E52C12CF67A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener - Short Link Generator & Free Link Shortener | TinyURL: The Original Link Shortener

Page URL History Show full URLs

http://tinyurl.com/ HTTP 301
https://tinyurl.com/ HTTP 302
https://tinyurl.com/app Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

245
Requests

87 %
HTTPS

31 %
IPv6

75
Domains

117
Subdomains

92
IPs

8
Countries

4688 kB
Transfer

11809 kB
Size

37
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ads.freestar.com/?utm_campaign=branding&utm_medium=banner&utm_source=tinyurl.com&utm_content=tinyurl_footer-multisize-2.0

Search URL Search Domain Scan URL

URL: https://ads.freestar.com/?utm_campaign=branding&utm_medium=banner&utm_source=tinyurl.com&utm_content=tinyurl_right-multisize-2.0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tinyurl.com/ HTTP 301
https://tinyurl.com/ HTTP 302
https://tinyurl.com/app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689849270850&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftinyurl.com%2Fapp&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689849270850&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftinyurl.com%2Fapp&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=

Request Chain 20

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 72

https://oajs.openx.net/esp?url=https%3A%2F%2Ftinyurl.com%2Fapp&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ftinyurl.com%2Fapp&rid=esp&cc=1

Request Chain 100

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5198634508333833405

Request Chain 101

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=57f8aae0-f509-c093-0af7-7a3fe1b6f47c HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=57f8aae0-f509-c093-0af7-7a3fe1b6f47c&dcc=t

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM0MTA1NTctMjBkNC0yNWNkLWRmMTktYTIxMTQzNjdmMWZj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM0MTA1NTctMjBkNC0yNWNkLWRmMTktYTIxMTQzNjdmMWZj&google_tc=

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=

Request Chain 123

https://gum.criteo.com/sid/json?origin=publishertag&domain=tinyurl.com&sn=ChromeSyncframe&so=0&topUrl=tinyurl.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=61XCc3x0TE5kVVlXR292d1pnVklZWFkwM2tNdlJkVTZnRzlYRXNsREZ1MFdkdmJhQzFBVkxPdWVhODRRQUpjQTdMMkUzRnBHVkNPb2RNTGR1YlRBVzNIVnB4QjljaVdYS0FOVFN0NEFQc0xzWWFNT1lsRGVhaGdMRmF6SmJmYVZQdXd6RmVBV3FtcWxWMnZyZXE3VDlmemV4TU82cTNYMUVpWjhENFNQR3VBUnVCQmJBYUxQRkRwNlE2MG1rQ0hsMnUxLzVnYzdyNUNmWEg5eEtteGJMOWZVL3MyMEh0dGFjOXZwcm03M1JqWFpFU2dhK2tmUDYzRmU3N1FPSnJDSGZpOTQwbkNxV09mblNsU2Z3YTF4RExKNUlEZz09fA&cppv=2

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLkNun-5r90c3EZaEtv6ZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0ODEyOTAyNDc0NDMzNDc2

Request Chain 200

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=20709161-78ee-4082-8045-abd2c7fd05da&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-EbgTENtE2pngrEwPj8vzMuvB6UYkX.1nUbwXCg--~A&expires=5&ssp=themediagrid

Request Chain 205

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 206

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327495547637

Request Chain 207

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 208

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7I99JniPfWE42yvneBy9J60bKyE4D70n7I1keZ7

Request Chain 209

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=604812902474433476&gdpr=0&gdpr_consent=

Request Chain 211

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0-cubujQXzZhnCACY2mRC7IhkLM&gdpr=0&gdpr_consent=

Request Chain 213

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNmowN0pjaHNBQUNTeVRiZ2VxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE6j07JchsAACSyTbgeqQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAE6j07JchsAACSyTbgeqQ&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE6j07JchsAACSyTbgeqQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLkNvAACOU0ssQAb

Request Chain 215

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 219

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 221

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jwcb_CoUSEujoEalOykWDg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 224

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1014616771 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=27071BFC-2A14-484B-A3A0-46A53B29160E

Request Chain 225

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=27071BFC-2A14-484B-A3A0-46A53B29160E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGQ2RDNKdTZFSWJUOUNtSjIyTnJMaUktQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjcwNzFCRkMtMkExNC00ODRCLUEzQTAtNDZBNTNCMjkxNjBF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15

Request Chain 229

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5198634508333833405

Request Chain 233

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=c5e3699d-2ac1-47d8-b6a7-1ea726a36604&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20709161-78ee-4082-8045-abd2c7fd05da&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 235

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7385666904958375303&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 237

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f24775f4-46b2-49c4-819f-1437193119a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 238

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCME1KVjYtMVUtMlBRSg==

Request Chain 239

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKB0MJV6-1U-2PQJ

Request Chain 241

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/jmnS3Y-_8GGrzEHSAWlYi8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nL5149FE2oIRNY6rwsBdYmY1YK5tCm0Cx_S.zw--~A

Request Chain 242

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5ofBbzW5RDCVfAzSRTckIw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5ofBbzW5RDCVfAzSRTckIw

Request Chain 245

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjEwNTdkNjAyZmQ0YjlmZmRhZDBhMjgyMThhNTUyMjQyNjFjMzA4YQ

245 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request app Show response
tinyurl.com/
Redirect Chain

http://tinyurl.com/
https://tinyurl.com/
https://tinyurl.com/app

15 KB
6 KB

487ms
487ms

Document
text/html

2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b018fb96faaf22de5e11ed1fae7e4e6b9e0b332395b25620a5a4430e3bbd6c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private
cf-cache-status: DYNAMIC
cf-ray: 7e9a8d506d6cd69a-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 10:34:30 GMT
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, public
cf-cache-status: DYNAMIC
cf-ray: 7e9a8d4d6a6dd69a-CDG
content-language: en
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 10:34:29 GMT
location: https://tinyurl.com/app
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 front.css
tinyurl.com/css/ 451 KB
80 KB 64ms
64ms Stylesheet
text/css 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinyurl.com/css/front.css?id=fa8337445bc4befc854785f8eba8501a
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10ab8d4b7ee18b7abfcc84952b847ec9e1a450d8f8772d8f78c3c7c73fe7b778

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 10:36:19 GMT
server: cloudflare
age: 6217
etag: W/"3158698344"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7e9a8d545b8702d9-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 14:34:30 GMT

GET
H3 200 app.js Show response
tinyurl.com/js/ 280 KB
61 KB 45ms
44ms Script
text/javascript 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinyurl.com/js/app.js?id=577d86c0e6e162d91397feda365604de
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641f906e3373255a4a526d6468bf66a84f4bbaa7aa6d9c345c13cb7014c3b524

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 08:53:01 GMT
server: cloudflare
age: 2768
etag: W/"2681926718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 7e9a8d545b8902d9-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 14:34:30 GMT

GET
H2 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 108ms
48ms Stylesheet
text/css 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/cls.css
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2251
x-guploader-uploadid: ADPycdvf-1WnCamMp2BP9QuwsHVD5pzc4ngaDawvIr3FkLpCz5aD8AuFn9XCqX90MkP0MgOADwGrvBOrkkxbwZw4XFMIcIQydTF1
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
server: cloudflare
etag: W/"816783146b3907e634d0e822ca759864"
vary: Accept-Encoding
x-goog-generation: 1666967770269941
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
cf-ray: 7e9a8d54bf430481-CDG
expires: Thu, 20 Jul 2023 11:34:30 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/tinyurl-com/ 106 KB
38 KB 41ms
41ms Script
application/javascript 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7fe07354bafff73a914ceefdbc958f24e875da8dd2d8aadda70baa25db9ab8f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63501
x-guploader-uploadid: ADPycdvX8d6NwsWgyZa4CmKWvM4xz_cWjmiLNotVq4FUH_3_zk2zgtbdf51Yi7nnFIViVajC5AFLFiC1ugj7CP9Uk2LsSlnOXa1L
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 19 Jul 2023 16:43:22 GMT
server: cloudflare
etag: W/"bc1e59fb226e355c25c691dd037f4f6a"
vary: Accept-Encoding
x-goog-hash: crc32c=2y/3ZA==, md5=vB5Z+yJuNVwlxpHdA39Pag==
x-goog-generation: 1689785002501742
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 108397
cf-ray: 7e9a8d551f7c0481-CDG
expires: Thu, 20 Jul 2023 11:04:30 GMT

GET
H3 200 manifest.js Show response
tinyurl.com/js/ 4 KB
3 KB 36ms
35ms Script
text/javascript 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinyurl.com/js/manifest.js?id=23019be20128995b5603de12e2f8f15a
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412801cfc7c8184efcbf91b789bbb3e4c1f759e48c68690e2fd36342e3639edc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 08:53:01 GMT
server: cloudflare
age: 3497
etag: W/"1370439185"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 7e9a8d556cbe02d9-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 14:34:30 GMT

GET
H3 200 vendor.js Show response
tinyurl.com/js/ 3 MB
1 MB 48ms
47ms Script
text/javascript 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinyurl.com/js/vendor.js?id=f42d07bbf4403148f5f7202ace25ebf4
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4e9c29811d835dbf1028a11d9152dafa9515e20a4f5a5f6d8e8309a2bfa71e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 May 2023 07:48:57 GMT
server: cloudflare
age: 2768
etag: W/"2579064344"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 7e9a8d55ad1302d9-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 14:34:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 100ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5C3DL4X

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88ba11469b80baa4fb13e19f765fd14ed5222e34ac8de4acc772706014375d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45684
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jul 2023 10:34:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 100ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat:wght@100;300;400;500;600;700&display=swap

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/css/front.css?id=fa8337445bc4befc854785f8eba8501a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05bb7e571ad3d5da7b996ede9d119937337f7eb84723ad8967b23b4245498434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 10:32:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 10:34:30 GMT

GET
H2 200 hotjar-2976777.js Show response
static.hotjar.com/c/ 9 KB
4 KB 111ms
43ms Script
application/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2976777.js?sv=6

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

Resource Hash

147c6cb56e0a7c98fea417a32fe1fa01320d5e96850315037d8ee166359f1285

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b02ec9b9d645d7dd5f16814f737e3aa3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: KXAZQRfOiJkabVvfHIImZs5wKIPpmni94ugAAXmVqM_6M7IV8wiReg==

GET
H2 200 N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v11/ 17 KB
17 KB 92ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungee/v11/N0bU2SZBIuF2PU_0DXR1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9a22fac024371ed667ca4ebc25daaedaebd39fbfe03ebdd60c53a45a7913c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinyurl.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 23:46:15 GMT
x-content-type-options: nosniff
age: 384495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17340
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:43:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 23:46:15 GMT

GET
H2 200 init Show response
d.pub.network/v2/ 45 KB
6 KB 86ms
34ms Fetch
application/json 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/init?siteId=3163&env=PROD
Requested by: Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 00c55d2aca120bde08b54624243c1049508716246b16ac5860c61469aa351b10

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 modules.1710207929a880de0614.js Show response
script.hotjar.com/ 280 KB
68 KB 69ms
24ms Script
application/javascript 13.227.219.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1710207929a880de0614.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2976777.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-28.ams54.r.cloudfront.net

Software

Resource Hash

5ba0537308800db1df9a498d361a6901256e7a8317db01ce07fc92bc9ed2b95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1163
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69326
last-modified: Thu, 20 Jul 2023 10:14:26 GMT
etag: "9a445912e0fffa22b3247a37c2b5ef86"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vEubjHKEIMqgos_J8qYJDxLukeU2ANr7AbbEvmWdEBuSHNgPg6cYzQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 8 KB
4 KB 74ms
23ms Script
application/javascript 18.65.39.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-70.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 125bae6d5c0255748d46352540c62c2907721067fb829fdf55646824f1517590

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:46:59 GMT
content-encoding: gzip
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 14:46:47 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 71252
etag: W/"478ff7d954cc355359ddc496dde10f4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: QsUKeur8ySMuUtzsm4rpPhIDSKkbm72cKX7cUPCte5ewL4__oNJuPg==

GET
H2 200 pubfig.engine.js Show response
a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/ 458 KB
137 KB 49ms
49ms Script
application/javascript 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0195742c124a3548b9a56ed673fe3e674ccac79e440eb4d5a78b91a31691d32f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63510
x-guploader-uploadid: ADPycds2msuTMIKynMew4qmdA09O1LP1DAn1jhHSvSBlrWWugCtx-CON0yxEP3fPrbN4eD9RQbyuf0M19PIQsxIdfxZPmQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 19 Jul 2023 16:16:15 GMT
server: cloudflare
etag: W/"88262264411e489f58b221b610cb9f31"
vary: Accept-Encoding
x-goog-hash: crc32c=7Kwkhg==, md5=iCYiZEEeSJ9YsiG2EMufMQ==
x-goog-generation: 1689783375765633
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 468892
cf-ray: 7e9a8d5668470481-CDG
expires: Thu, 20 Jul 2023 11:34:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C3DL4X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0af0121e6b6d73eff37384c79f65295e3903a8a2456914d54e53c115153c7afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 10:34:30 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689849270850&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftinyurl.com%2Fapp&c8=TinyURL.com%20-%20shorten%20that%20l...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689849270850&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftinyurl.com%2Fapp&c8=TinyURL.com%20-%20shorten%20that%20...

0
224 B

28ms
28ms

Image
text/plain

18.65.39.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689849270850&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftinyurl.com%2Fapp&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Server: 18.65.39.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-70.ams1.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 35bbfHoKF2VaJLVUJ6D5A9pqaFUZCeAMRXibkNdpB4hkwHcuce_pvQ==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 20 Jul 2023 10:34:30 GMT
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=23384447&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689849270850&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftinyurl.com%2Fapp&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
content-length: 0
x-amz-cf-id: j5-8rxElIyxC6sZVsVXzdORdOqNOSrR2UuCLYpls7YzSRizOzpvIjQ==

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 76ms
26ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=tinyurl.com&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://tinyurl.com
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 10:34:30 GMT
expires: 0
fs-client-rtt: 19
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 1 KB
1 KB 62ms
21ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=tinyurl.com&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

6b2b9bf0b4d8391936146f283993703c40e68aea42b067288982da74d682067a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Thu, 20 Jul 2023 10:28:03 GMT
fs-client-rtt: 19
age: 388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://tinyurl.com
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
expires: 0

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 76 KB
17 KB 74ms
30ms Script
text/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1ca387a281c6cb8ebb0796f54c601cba5e3464311c7876020e314d1e7999e1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 08:02:06 GMT
server: cloudflare
x-amz-request-id: F5X77S1BH4DBDXR1
age: 343
etag: W/"e1af4ad78df2ac52f6b097f1b1a63cde"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7e9a8d577fc80175-CDG
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dTtJ/mNai1ajARfCWCLDfD3kPuzGMiW6/V0vUn9WUZdofmMi6fr6P7ZPWI1YqbE5+8oA0ILD7ng=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 209ms
147ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf638174508f47b2b586c4705fc66b49218cb620581b1f0fa6f850131296cc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27769
x-xss-protection: 0
server: cafe
etag: 182 / 19558 / m202307170101 / config-hash: 3969468664146714195
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 10:34:31 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

486 KB
84 KB

80ms
35ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11700158b85b9f0e3db60050da284ea72c13362736d0d80a35d6c55c50f6155

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 10:29:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70
etag: W/"f19b25d3a12fd19c071791b405f0f470"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWSPCBch4CbXYTVz3g6fJxIejNr9r%2BczjpUUDWJHJWWpcuK0qvWq1oL8JpOBBr7M8yImGVxDPUYfC70j0bYVCM%2BfrF%2B%2BMJt3DlbqTUB2V6oAOzspArUv%2FqqMOEkbZyMUPTT4dIs%2FG9fLjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7e9a8d584f74008e-CDG

Redirect headers

date: Thu, 20 Jul 2023 10:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ok96IxE0hQuwnuy7BKh2InXJ0%2FVlpi%2Fm%2BsiFff%2B6tshUT96OdUME1Fm6uxQp2tNe4p4v9j%2B7uXfWv5eGEreuPoHEu5FOHIDc6N%2FK%2Fy0TctSUVW2ZjjGaE0h7XmxFyik7iekHGG2PY5XT2sZIaPhJ7tfs3W4V2%2FM78IRpBg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 7e9a8d579d682a16-CDG
expires: Thu, 20 Jul 2023 11:34:30 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 84ms
30ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp&ref=&_it=freestar&partner_id=474
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 May 2023 16:51:11 GMT
server: cloudflare
x-amz-request-id: D9H0BKD49BT4VXPH
age: 5481
etag: W/"82b3b53182a6a8dbe6684806275e839a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7e9a8d579977f138-CDG
x-amz-id-2: NYMqTPppEBiG4bbM2+rgByDV6NSeJDUeioacPP/TyAP0fbAmvOO4RCVRrzA/p/xpSBZuJnb15Hs=

GET
H2 200 prebid-analytics-7.48.3.js Show response
a.pub.network/core/ 598 KB
193 KB 34ms
33ms Script
text/javascript 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29c683753e467eae157a27cccc8b998913df80a8ecf690f2df7fde0aa6ec2d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63510
x-guploader-uploadid: ADPycdshbjBPrUrGnsChzCKmn1kVBan3PRe6Ixw9msrZoGQbkcNagx7180H2G7Mk2cRkZFUZwVqPaQgU-v4BH_l4Hg4GpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 28 Jun 2023 23:15:18 GMT
server: cloudflare
etag: W/"b90ba5907ececb67a85d71916b141edd"
vary: Accept-Encoding
x-goog-generation: 1687994118560887
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=/atxpA==, md5=uQulkH7Oy2eoXXGRaxQe3Q==
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 612655
cf-ray: 7e9a8d5748c30481-CDG
expires: Fri, 21 Jul 2023 10:34:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 83ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2PJZZW5GKP&gtm=45je37h0&_p=537722849&cid=1138861471.1689849271&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689849270&sct=1&seg=0&dl=https%3A%2F%2Ftinyurl.com%2Fapp&dt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 251 KB
77 KB 32ms
32ms Script
application/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 13:26:13 GMT
server: cloudflare
x-amz-request-id: 895ME79KJDRRGKJ9
age: 62835
etag: W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e9a8d58187e0175-CDG
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0CcYpbYFHu9d76e5EglX4BR8QVsGvGJtiCgweDMak1TvIUiAfkWoZKyW1GST7pskiUho54VnI+o=

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 96 B
288 B 129ms
128ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=tinyurl.com&url=https://tinyurl.com/app
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp&ref=&_it=freestar&partner_id=474
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e9b8c9559d010f9d9ddefc559ce2797e4c714203c8801a95d7ba4124f83c75e

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 7e9a8d5978882a65-CDG

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 192ms
126ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=tinyurl.com&url=https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7e9a8d58bf972a65-CDG
content-length: 0
content-type: application/json
date: Thu, 20 Jul 2023 10:34:31 GMT
debug: OPTIONS block
expires: Fri, 19 Jul 2024 10:34:31 GMT
server: cloudflare

GET
H3 200 state Show response
tinyurl.com/app/api/ 72 B
958 B 473ms
472ms XHR
application/json 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tinyurl.com/app/api/state

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/js/vendor.js?id=f42d07bbf4403148f5f7202ace25ebf4

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d8511edbc029729dcebd0d2d5491612ab9bb4721b1f54ab84415b35aa91558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tinyurl.com/app
X-XSRF-TOKEN: eyJpdiI6IlhHcXhWUkU1Q0RBS3RZdWttNldpeFE9PSIsInZhbHVlIjoibko4UG9QTVhnM05jZzJTVGFkRE5RNWJVNlovbk9PdmRlc0JEbmc0emNFQ2YwOXVpTlRMZ215cHNoLzZWSi8rZUZjL296V0lSRHltOXV4TEJsNlkwOGtsK2xIdjJhY0RZSE1kZEhmNVVoZjIrSTV6anJkaHgyeDUrV3ZoeGVJcnEiLCJtYWMiOiI1NGIwNjcxNGYxODFhMGZlNDkyNTQzOTJmNTNkY2IyYTk5ZGFlNGNlMjYzYThhNjBiZGQ2YmY5OGM5ZGVlZTRkIiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: max-age=0, private
cf-ray: 7e9a8d59390502d9-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 512 KB
142 KB 87ms
17ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/js/vendor.js?id=f42d07bbf4403148f5f7202ace25ebf4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9cad7fb7a86fe45ce88d62cdcbbc1af8e8a20e1c74a92e7076adef9dedbe5900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 10:34:31 GMT
via: 1.1 varnish
age: 29
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145275
x-request-id: f2a93ff2-4cb6-4ce3-88b9-6d074b465a9b
x-served-by: cache-lcy-eglc8600077-LCY
last-modified: Wed, 19 Jul 2023 20:37:00 GMT
server: Fastly
etag: "576f558e9c1b3340431ae383c88fbc22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6855

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tinyurl.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 11:44:08 GMT
x-content-type-options: nosniff
age: 168623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 11:44:08 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/ 385 KB
122 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1368
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125056
x-xss-protection: 0
server: cafe
etag: 10096237036492005269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 19 Jul 2024 10:11:43 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 184ms
121ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 10:34:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
928 B 89ms
26ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 564262
x-guploader-uploadid: ADPycdsAIqFlLfYHTjAmcY_DJLa50aJ9TD0x4kifFJDQ4YF1peutvdIQqitrLdgqNiFRayQgq3If1E0jBDRAsJ42_Sa6fw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgS1d6JNhCtOmS7%2B5gooV1XzrreHrSCo1OViSD7Tqx2MBQbdUra5nSLz1yVnSzpTvt0XJFckHrbFXBFqH3PUQp%2BdKkmR1BnO1398JcO%2FrSNIDc1D5dfGTNrR1xCzJoaCNhlufdOKuAWHDZze%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e9a8d5b49ac02aa-CDG
expires: Thu, 13 Jul 2023 21:51:49 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 102ms
26ms Image
image/x-icon 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 15:05:16 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 74ms
27ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9929037506270864
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 564262
x-guploader-uploadid: ADPycdsAIqFlLfYHTjAmcY_DJLa50aJ9TD0x4kifFJDQ4YF1peutvdIQqitrLdgqNiFRayQgq3If1E0jBDRAsJ42_Sa6fw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZIfAByoLWB3y6Z1%2BB8qQMA5IUxGIrZtRTxOGgUqFZVG7eDIq3bZIsFVyHozJTrei3RoCAyp6Gtg5Ycei9g%2FU3xmvW9kVIWeh0hujQzJVyS2fl%2B2qNHic3563S3hNo6oPccxVDscD2K18NWfPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e9a8d5b49ad02aa-CDG
expires: Thu, 13 Jul 2023 21:51:49 GMT

OPTIONS
H2 200 floors
api.floors.dev/sgw/v1/ Frame 0
0 786ms
738ms Preflight 34.160.128.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.floors.dev/sgw/v1/floors

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

112.128.160.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
cache-status: uncacheable
content-length: 0
date: Thu, 20 Jul 2023 10:34:32 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

POST
H3 200 floors Show response
api.floors.dev/sgw/v1/ 2 KB
2 KB 191ms
149ms Fetch
application/json 34.160.128.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.floors.dev/sgw/v1/floors

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

112.128.160.34.bc.googleusercontent.com

Software

Resource Hash

4d758495fba4b7017aa9f3f707d3215d02171868d2a66827daaaf27f2fbdb257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
cache-status: uncacheable
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame C698 200 B
788 B 18ms
17ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21288849
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 10:34:31 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 15 Nov 2022 20:20:36 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 113745
x-content-type-options: nosniff
x-request-id: 4b1a0604-8e4e-4c26-8f6c-f6dce39027ae
x-served-by: cache-lcy-eglc8600077-LCY

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C698 631 B
694 B 18ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 10:34:31 GMT
via: 1.1 varnish
age: 21288847
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 332
x-request-id: 62534b91-3ef5-4e17-8c2f-7a7784f0069f
x-served-by: cache-lcy-eglc8600042-LCY
last-modified: Tue, 15 Nov 2022 20:20:35 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 210476

POST
H2 200 csp-report
q.stripe.com/ Frame C698 0
717 B 495ms
158ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689849272083933
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1689849272083397
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C698 0
717 B 498ms
161ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689849272084110
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1689849272083628
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 7CEF 930 B
2 KB 141ms
44ms Document
text/html 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-96.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 200
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 10:31:12 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
x-amz-cf-id: 8W_cnxHjhX0lcft-fYYpcanNdLClvvVphdiwb7YgGGAjoimMIMk5Mw==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 137ms
136ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 135ms
135ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=LtoQuezV&w=6316674530148352&o=5714937848528896&cv=2.1.14-4-g332a93d&r=false&vr=1600x1200&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp&sid=BfpSiGpDfo&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 10:34:31 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 subscriptions Show response
tinyurl.com/app/api/ 19 KB
2 KB 472ms
472ms XHR
application/json 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tinyurl.com/app/api/subscriptions

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/js/vendor.js?id=f42d07bbf4403148f5f7202ace25ebf4

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a102616a6362acf3800a06900c03d645bedf6a211b189691675c279792f36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tinyurl.com/app
X-XSRF-TOKEN: eyJpdiI6IklXbHdTd29MUW5WTGUrMlF1dVhsNlE9PSIsInZhbHVlIjoiRS9INGtFdkdSWG5VSkd3cXA1YkNEUk1oY1BjRUthbzRQaVZWdGVQV2lPNDdXNjRBNmJDdHQwN0ZwU3dlblo2d0hLdnR6Sk9pRXQ5VnV4b0czM243cUZ4WnBibFVoMXFlenlEMHVTU3BYQjZMUDZjb3BITi9DNThzRUY0SXI2TjEiLCJtYWMiOiI2N2I2MjZjOGRlYjQ3MzIwOWNjNWJiM2NiODFhMDU3NzU4OGE3NDkzN2VlNjlkZTUwOWY3NDgwMGQ5MGQ3MDYwIiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: max-age=0, private
cf-ray: 7e9a8d5c3c1b02d9-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 fa-solid-900.woff2
tinyurl.com/fonts/ 146 KB
147 KB 48ms
47ms Font
application/octet-stream 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinyurl.com/fonts/fa-solid-900.woff2
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/css/front.css?id=fa8337445bc4befc854785f8eba8501a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82

Request headers

Referer: https://tinyurl.com/css/front.css?id=fa8337445bc4befc854785f8eba8501a
Origin: https://tinyurl.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 09:41:24 GMT
server: cloudflare
age: 3187
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e9a8d5c9c8a02d9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 149908
expires: Thu, 20 Jul 2023 14:34:31 GMT

GET
H3 200 fa-regular-400.woff2
tinyurl.com/fonts/ 24 KB
24 KB 47ms
46ms Font
application/octet-stream 2606:4700:10::ac43:1e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tinyurl.com/fonts/fa-regular-400.woff2
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/css/front.css?id=fa8337445bc4befc854785f8eba8501a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba24c4138c4c3cfe694a8fc8943b8ce21b9bfbb14edcb290b8654fcaa365d6b

Request headers

Referer: https://tinyurl.com/css/front.css?id=fa8337445bc4befc854785f8eba8501a
Origin: https://tinyurl.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 09:41:24 GMT
server: cloudflare
age: 3187
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e9a8d5c9c8e02d9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 24840
expires: Thu, 20 Jul 2023 14:34:31 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 7CEF 0
492 B 342ms
158ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689849272083795
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1689849272083451
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 7CEF 87 KB
14 KB 45ms
45ms Script
text/javascript 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-96.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 10:29:33 GMT
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/"69cb7809b5011312e716f29b3d19dce6"
age: 299
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 6aQ0WDWcrzb-9VS4yLJ7VkAgNkDAVA_m25zF_KSg1WdXsORuVFhYoQ==

GET
H2 200 analytics.min.js Show response
a.pub.network/core/analytics/1.1.1/ 13 KB
5 KB 32ms
32ms Script
application/javascript 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63511
x-guploader-uploadid: ADPycdv1RYSSXaFNU2zmAIcqwHLc0j5RElwKbdCLbc6EdpKoxxPhWlQsplnYNCMaKnkY1Ix_YzATHaMfwWZpDMCiQ0YuVBH89qPc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 21 Mar 2023 16:29:06 GMT
server: cloudflare
etag: W/"9faa51c72267d7040ea861c2a59c266f"
vary: Accept-Encoding
x-goog-hash: crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw==
x-goog-generation: 1679416146332026
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 13155
cf-ray: 7e9a8d5d8d7c0481-CDG
expires: Thu, 20 Jul 2023 11:34:31 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 7CEF 156 B
669 B 496ms
162ms XHR
application/json 44.228.239.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.239.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-239-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

385ba7770813dbede2a1a8f613abbae90230c610e5131de1914e8915b6f896c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689849272342286
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1689849272341963
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 175ms
125ms Preflight 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 20 Jul 2023 10:34:32 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 73ms
31ms Fetch
text/plain 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e886175120629c7c9787dbdffe2ace753479a268b01b8ed82139db31df357013

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 66ms
22ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Jul 2023 10:34:32 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 180820
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 244 KB
60 KB 116ms
37ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:28:13 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 19:22:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 380
x-amz-server-side-encryption: AES256
etag: W/"4c32a3d3ddb526b72e7dd25429eaaa2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OAOMTUY1yIFnPKJU7aYiWYS5o2H6QD936FopNOG3FKwK8EpcvPwGLw==

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
370 B 64ms
21ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 222197
expires: 0

GET ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 117ms
35ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: b07723cdcf42205854164e0088697097128e5f269f8f4520b26bccc1c26c3a74

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 19 Aug 2023 10:34:32 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 108ms
26ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/da7adb8787d099edd018123c7dddda332ae6f160/pubfig.engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Jul 2023 10:34:32 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 74ms
30ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: XVBS9SKY48NNP9HM
age: 3153
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e9a8d622c12d373-CDG
x-amz-id-2: 4wn6k/kKav+R/00jMosVz2KTabBi1An7nx8oi8QGgd8z8wT8Ia4ewH86A1xXpWH8TO/ht0zM79mhDT+od710oA==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 61ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 10:34:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40472
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-lcy-eglc8600024-LCY
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 103ms
40ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: e42558bd6462719fd83bc4d8e9d2e5e5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 68ms
20ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:05:57 GMT
content-encoding: gzip
age: 84515
x-guploader-uploadid: ADPycdvzS9bayKvtc5Rt3R2uiYQcVENJ5ybNLIT3aPzLzZS1-2tbDRznPSakvc6KaVAPYyAmm4RkRQZikCPgRSdJBEKfSw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 18 Jul 2024 11:05:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 77ms
24ms Script
text/javascript 52.222.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-35.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 28812
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: w1eOJWz20ebluMFDtqsBf_4PYqK1Ya-oJbMmOfKkYP-MkNQqvU0fKg==

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
85 B 128ms
124ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 7e9a8d6329912a65-CDG

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 123ms
122ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7e9a8d6258d72a65-CDG
content-length: 0
content-type: application/json
date: Thu, 20 Jul 2023 10:34:32 GMT
debug: rtd-nx-ny
server: cloudflare

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 111ms
54ms Fetch
image/gif 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Ftinyurl.com%252Fapp%22%2C%22lv%22%3A%2223.717.1557%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 5W88DSDX9HZ1DV8YM46R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: ZdlAKi-aWB5pNhnNXIzuOoVEqsu8ndHPZui5qPW09m3eagpDuJCGfw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 43ms
43ms XHR
application/json 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 0eda13bf855220cdec6aaace454f32733f52fcac0bacb575e459b5b081ee9c52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:30:46 GMT
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 226
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tinyurl.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1054
x-amz-cf-id: 7NDoqhLcM7oSficIf817S8IuCQj0cM11rlsl-IUmXLKsinhjnRtdKQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
414 B 105ms
57ms Fetch
image/gif 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Ftinyurl.com%252Fapp%22%2C%22lv%22%3A%2223.717.1557%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 76T1F79QAP62153NNV46
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: Zf7eNMu6LvINj8nPQ-JEpTOhfi0BBb7xaC4RrMojhres-hbwz0Q5Ag==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
458 B 116ms
68ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp&pid=mSwbWioNDSwkw&cb=0&ws=1600x1200&v=23.717.1557&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: GSWH8RRC2CB59127ADCF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: szrVFe8Ruw6XUfxtIcBNpiIfL8apqx0shoMs4q3SSzSA4O1ulbQIEw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 100ms
33ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
date: Thu, 20 Jul 2023 02:38:09 GMT
x-amz-cf-pop: MUC50-P2
age: 34719
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _qWeoOSUtpQxTk4MhnEiTZ_w_ilN18mghyPvL7a-z18otK2RY3EPHg==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 94ms
53ms Fetch
image/gif 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220ab198dd-b265-462a-ae36-74e163ad6159%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Ftinyurl.com%252Fapp%22%2C%22lv%22%3A%2223.717.1557%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 277ACCK3Q62076VQX9TT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: DrDHtP6oCPGF3YLANRmiTp2eZGUraoxsMXJ1Vc95bS7aVV4aqDP63A==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ftinyurl.com%2Fapp&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ftinyurl.com%2Fapp&rid=esp&cc=1

85 B
203 B

123ms
123ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ftinyurl.com%2Fapp&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: bafa6b4dd3a838e48a65f143a3a252d71321396a8fc1e9fa8d070dafd9471bea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-/wSWLOGtFm4TQIHUEltgcLBV/Z8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 20 Jul 2023 10:34:32 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://tinyurl.com
location: /esp?url=https%3A%2F%2Ftinyurl.com%2Fapp&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 82ms
25ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 106ms
29ms XHR
application/json 46.51.194.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.194.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-194-233.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ac329145cc7f800c70b1cb5acddcd3f01e91a6c88e3136a2f961aefa0e00ec54

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache
x-server: 10.45.8.192
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 400 cookie_sync Show response
s2s.t13.io/ 49 B
136 B 84ms
35ms XHR
text/plain 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/cookie_sync
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
expires: 0

POST
H2 500 auction Show response
s2s.t13.io/openrtb2/ 46 B
299 B 73ms
27ms XHR
text/plain 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: faa7e1cc212a742411ba13147380952ee251fad3e629dd70b0cd5adc450f1d33

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/1.119.0
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 634 B
1 KB 242ms
168ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=2%2C55%2C57%3B10%2C16&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_pubcid.org=c326274a-e3d1-4449-a46a-511dcbd58881%5E1&rf=https%3A%2F%2Ftinyurl.com%2Fapp&kw=URLshortener%2Ccreateshortlinks%2Cbrandeddomains%2Cbulklinkshortening&tg_v.id=68c7ee6b-6a0a-4c82-8bd2-02561eec9491&tg_i.domain=tinyurl.com&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp&tg_i.name=tinyurl-com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.fs_optimized=false&tg_i.fs_site=3163&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0%3B%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0&tk_flint=pbjs_lite_v7.48.0&x_source.tid=dc6e727e-a673-4061-809b-62ca0ed91954%3B0667442a-3d12-4078-be2d-ec6c01664721&l_pb_bid_id=5219236b1954a5%3B65a807a02fb6a3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=dc6e727e-a673-4061-809b-62ca0ed91954%3B0667442a-3d12-4078-be2d-ec6c01664721&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0%3B%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0&slots=2&rand=0.4202700143849887
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e856e002a9c4085ebf51e8bce596dd8ff80b1d716c33c5bf3ab20551c1831307

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
556 B 85ms
26ms XHR
application/json 18.197.190.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp&tmax=784

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.190.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-190-58.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
accept-ch: sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height
x-auction-status: 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
155 B 100ms
42ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 100ms
43ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 104ms
47ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 103ms
46ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 112ms
55ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 105ms
49ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 105ms
49ms XHR
text/plain 18.193.5.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.5.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-5-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 83ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
222 B 137ms
35ms XHR
text/plain 34.240.83.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22callback_id%22%3A%2227c22777420c302%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0%22%2C%22tid%22%3A%22dc6e727e-a673-4061-809b-62ca0ed91954%22%2C%22auctionId%22%3A%22292936ef-7e45-421f-9074-e45a81249576%22%7D%2C%7B%22placement_id%22%3A%22tinyurl_right-multisize-2.0%22%2C%22callback_id%22%3A%22284820698fafc91%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%22%2C%22tid%22%3A%220667442a-3d12-4078-be2d-ec6c01664721%22%2C%22auctionId%22%3A%22292936ef-7e45-421f-9074-e45a81249576%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fapp&bust=1689849272766&dnt=false&description=Create%20short%20and%20branded%20links%20with%20TinyURL.%20Track%20link%20performance%2C%20import%20or%20purchase%20branded%20domains%2C%20and%20run%20campaigns%20with%20bulk%20link%20shortening.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=URL%20Shortener%20-%20Short%20Link%20Generator%20%26%20Free%20Link%20Shortener%20%7C%20TinyURL%3A%20The%20Original%20Link%20Shortener&w=1600&h=1200&pubcid=c326274a-e3d1-4449-a46a-511dcbd58881&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221214%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c326274a-e3d1-4449-a46a-511dcbd58881%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.83.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-83-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
362 B 370ms
307ms XHR
application/json 3.75.115.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.115.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-115-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4c9b27cc205960cd9af998ae351e0391ec476767f6d15b23692020a95819ae1c

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Jul 2023 10:34:33 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
579 B 114ms
60ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
an-x-request-uuid: d25eb4f6-bb35-410e-9cec-3faa8be0eeac
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.33.144.179; 178.33.144.179; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 111ms
65ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=6758212173&lsavail=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 41ms
41ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1b042918b8ad7c3a54178fee1660eee0df1a6092dd5089a04d8cdd387a3dadbe

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 3c9d57cb8abdae4ea79a0250b0d3a08c
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 101ms
38ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 20 Jul 2023 10:34:32 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 68a73d857438dd95b6d106d46eae0422

GET
H2 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 116ms
32ms Script
application/javascript 2600:9000:20c3:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:54:59 GMT
content-encoding: gzip
via: 1.1 b90884acab23625db851d03bcf681a26.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 2589
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: YwKvTS2lNTZbpvUPrlCzpgndLLUTIpOIBLWfO8CNUMgOwBojE7zr6A==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 75ms
22ms Script
application/javascript 23.209.239.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.239.88 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-239-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 20 Jul 2023 10:49:32 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 29ms
28ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 22JJ2E23556JJ9KY
age: 1744
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e9a8d62fc9bd373-CDG
x-amz-id-2: CN/YT4T0MmlrdEuEscmZXa0O3qg7Ri6vacHTA1Il7bp7+XGEuA27H0AfgKufXEvPl9KOx7JtiKic5QHZrS4E5g==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 81ms
26ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

353f0a8fc4f401620d985737f9e6946b115edc078ad9778f0b61968da6abf642

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pixel;r=1156895848;labels=keywords.URL%20shortener%2Ckeywords.create%20short%20links%2Ckeywords.branded%20domains%2Ckeywords.bulk%20link%20shortening;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Ftinyur...
pixel.quantserve.com/ 35 B
372 B 45ms
27ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1156895848;labels=keywords.URL%20shortener%2Ckeywords.create%20short%20links%2Ckeywords.branded%20domains%2Ckeywords.bulk%20link%20shortening;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Ftinyurl.com%2Fapp;uht=2;fpan=1;fpa=P0-1155997262-1689849272777;pbc=c326274a-e3d1-4449-a46a-511dcbd58881;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=tinyurl.com;dst=0;et=1689849272897;tzo=0;ogl=;ses=63e02425-02fd-457f-b5d3-98e84461d848;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200 882.json Show response
id5-sync.com/g/v2/ 241 B
646 B 73ms
25ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/882.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

f01ab609473a42c98897200b2331d03ea50b4ec0aa58f373ee62372d6563223a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tinyurl.com
date: Thu, 20 Jul 2023 10:34:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6570 572 B
801 B 73ms
27ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: cd239f81b8d4226d924836a33c09c459d94cdde346b0b8be8ed3bf734ad28eea

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 375
content-type: text/html
date: Thu, 20 Jul 2023 10:34:33 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 6570
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5198634508333833405

43 B
180 B

43ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5198634508333833405
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5198634508333833405
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 6570
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=57f8aae0-f509-c093-0af7-7a3fe1b6f47c
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=57f8aae0-f509-c093-0af7-7a3fe1b6f47c&dcc=t

43 B
568 B

34ms
34ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=57f8aae0-f509-c093-0af7-7a3fe1b6f47c&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KVB9PQK3VNFXZBFN7Y16
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S0YW0FC99W3PS2VC1FCG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=57f8aae0-f509-c093-0af7-7a3fe1b6f47c&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6570 70 B
264 B 35ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=0f2ed69d-e9a3-7b69-caf9-f8a889853f9c&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6570
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM0MTA1NTctMjBkNC0yNWNkLWRmMTktYTIxMTQzNjdmMWZj
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM0MTA1NTctMjBkNC0yNWNkLWRmMTktYTIxMTQzNjdmMWZj&google_tc=

170 B
232 B

39ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM0MTA1NTctMjBkNC0yNWNkLWRmMTktYTIxMTQzNjdmMWZj&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM0MTA1NTctMjBkNC0yNWNkLWRmMTktYTIxMTQzNjdmMWZj&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6570
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=

170 B
243 B

38ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
17 KB 496ms
496ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3213296179402536&correlator=2499481241795940&eid=31075148&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fifs&iu_parts=15184186%3A34718310%2Ctinyurl_footer-multisize-2.0%2Ctinyurl_right-multisize-2.0&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%7C300x250%7C970x250%2C300x250%7C336x280%7C300x600&ifi=1&adks=3220195246%2C2873892524&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D8e3856%26floors_hour%3D10%26fs_placementName%3Dtinyurl_footer-multisize-2.0%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D2d5a0b%26floors_hour%3D10%26fs_placementName%3Dtinyurl_right-multisize-2.0%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=fs_session_id%3Db84d4e2f-a4aa-42e2-8812-4ea5d80f0fc8%26fs_pageview_id%3D01ac70827e1ecbf7df9ebd0653f4bea3%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D19%26fs_clientservermask%3D21021211123132100211%26fs_testgroup%3Doptimised&sc=1&cookie_enabled=1&abxe=1&dt=1689849273154&lmt=1689849273&dlt=1689849270303&idt=1241&adxs=169%2C1252&adys=649%2C402&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftinyurl.com%2Fapp&frm=20&vis=1&psz=970x270%7C300x600&msz=970x270%7C300x620&fws=4%2C4&ohw=970%2C300&ga_vid=1138861471.1689849271&ga_sid=1689849273&ga_hid=537722849&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo7L2lpcxSABSAghkEhkKCnB1YmNpZC5vcmcY5bL2lpcxSABSAghqEsIBCghydGJob3VzZRKsAVJnUmFXVmh5d1pMcjNEd1hpRVRwWGN6aFVnbUx0cjhUNU1EUnE2MVlRUkFnQllWOGxvY2pNSDJzbTltaFNBOFVUT1RVT2V6RTlPdWpJekliK3dtKzVINlZ6NUdjTGhCQUR3RkhWR1gzYkN4bE1EUmlkYnFCODc0eUx5TlkxVTFQQzFpc1NBRC9aK0xQVmM1Zlg0YVB1L1NkbGdNM0J6SFVPQ29DdThMWWJlMD0Y17T2lpcxSAASPgoFb3BlbngSLGV5SnBJam9pTTBsTWNIaEZRV3RTU2paUlRIcENRVGRoU1UxWlVUMDlJbjA9GMm19paXMUgAEhsKDGlkNS1zeW5jLmNvbRiktPaWlzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5f4d1806f4f2601c0f896980418aa080a28adcd83fef5cbc98b7c0c37e509d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17183
x-xss-protection: 0
google-lineitem-id: 6098419341,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402789309,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 135ms
75ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebfbd5089ed8397da1a71acdb83bc87bf8498e0a83d28ddda27b2196d0bcf4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11818
x-xss-protection: 0

GET
H2 200 container.html Show response
49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5F5 6 KB
3 KB 120ms
34ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:33 GMT
expires: Fri, 19 Jul 2024 10:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 151ms
92ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 10:34:33 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 31ms
31ms Fetch
text/plain 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e886175120629c7c9787dbdffe2ace753479a268b01b8ed82139db31df357013

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 123ms
122ms Preflight 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 20 Jul 2023 10:34:33 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D0D 13 KB
5 KB 29ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 3898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 09:29:35 GMT
expires: Fri, 19 Jul 2024 09:29:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6321 783 B
1 KB 174ms
114ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e6579ce3dd586da99bdd9c0ab30c88ef47f10fa1571c0a6f3f8202abab3331e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GQT8QUPccRKv_v9ijy_TVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GQT8QUPccRKv_v9ijy_TVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:33 GMT
expires: Thu, 20 Jul 2023 10:34:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D0D 37 KB
14 KB 78ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 81ms
40ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Jul 2023 10:34:33 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BDBD 15 KB
6 KB 24ms
23ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tinyurl.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 294220
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 89ms
49ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Jul 2023 10:34:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F050 0
0 65ms
64ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMu7gjBtUB0GDv_LeD9ldBG20x_9NdEZTizXw6kDwAefc5RX6eLFPONgb9-zr1CPNjulkArn0-gBku5jJOVW4HRck7qf3n7ercIGgGW0JtS7lCXk0T0Vbl5b8VXcvmuPrdHKdWYjhyzmR-fdF472MkKEGo520iWcRy8TRpbvbHyInIvfyy6HUpHUW1fmUhuSHwt26O1VSRv4YezeS7VaiWKOzFTNwL3hTpXQ4WwIVEnxJNYUWuvoa4KuX3e-lo9DkXA5hI8Ek59pJdo5a1IBb6_6LoJ6etTBJq9BO0I-bBQFX_yOz5FQwuk8bs9quKDmBcCDX646NJnpGofbv9ZMn3R7nZnJC8jMX7F9amgxue&sai=AMfl-YSOvc5H72R_Ig_3yFud-998mPSf9KwZbdeGUjU6GlpWIzRqvCBYY7giqMHOu0RfPWyy8RrN6S-r10WmHaQF6a4Gf3SvineyeTPK8IA0Y-fgcCMLZ_XF8jO84fJc_95-B3NE1NBcDJiaERe68Iqw&sig=Cg0ArKJSzJPtweMeJDdZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 10:34:33 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame F050 231 KB
84 KB 621ms
376ms Script
application/x-javascript 23.213.169.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.169.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19dd174c21aa7f48a8581ddbdef32619d7e97073084f221d2edfcf3946f3fd64

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 11:48:20 GMT
etag: "14-p2G6zbJOHdid9k97wLHRlNwsEaA"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 5eb353545ee3f9dc9bde0c9314bfa5ef
timing-allow-origin: *, *
content-length: 85260
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F050 179 KB
57 KB 133ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 10:34:33 GMT

GET
H2 200 container.html Show response
49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 577D 6 KB
3 KB 27ms
26ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:33 GMT
expires: Fri, 19 Jul 2024 10:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fslogo-green.svg
a.pub.network/core/imgs/ 1 KB
1 KB 30ms
30ms Image
image/svg+xml 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.pub.network/core/imgs/fslogo-green.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2290
x-guploader-uploadid: ADPycduyc9sfya8lEYz-GD5f6PVCMkpnS_EM4BXihwHWfHm2c0CW5CA9Bz0sJ9wLQ2TurCA3r6RI1vGOwbjpUsC7ULhOBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 08 Sep 2020 17:04:37 GMT
server: cloudflare
etag: W/"326d6cbd977657e1205bd616d1f2faca"
vary: Accept-Encoding
x-goog-hash: crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation: 1599584677716817
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 1193
cf-ray: 7e9a8d68be0a0481-CDG
expires: Thu, 20 Jul 2023 11:34:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6321 0
0 62ms
62ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307170101&jk=3213296179402536&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame BDBD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=tinyurl.com&sn=ChromeSyncframe&so=0&topUrl=tinyurl.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=61XCc3x0TE5kVVlXR292d1pnVklZWFkwM2tNdlJkVTZnRzlYRXNsREZ1MFdkdmJhQzFBVkxPdWVhODRRQUpjQTdMMkUzRnBHVkNPb2RNTGR1YlRBVzNIVnB4QjljaVdYS0FOVFN0NEFQc0xzWWFNT1lsRGVhaGdMRmF6Sm...

422 B
652 B

192ms
23ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=61XCc3x0TE5kVVlXR292d1pnVklZWFkwM2tNdlJkVTZnRzlYRXNsREZ1MFdkdmJhQzFBVkxPdWVhODRRQUpjQTdMMkUzRnBHVkNPb2RNTGR1YlRBVzNIVnB4QjljaVdYS0FOVFN0NEFQc0xzWWFNT1lsRGVhaGdMRmF6SmJmYVZQdXd6RmVBV3FtcWxWMnZyZXE3VDlmemV4TU82cTNYMUVpWjhENFNQR3VBUnVCQmJBYUxQRkRwNlE2MG1rQ0hsMnUxLzVnYzdyNUNmWEg5eEtteGJMOWZVL3MyMEh0dGFjOXZwcm03M1JqWFpFU2dhK2tmUDYzRmU3N1FPSnJDSGZpOTQwbkNxV09mblNsU2Z3YTF4RExKNUlEZz09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b1fd0eefc61d24460a7bcdd2eb2594d4b6b60fbb2b41ffef8ff4ec24d8de73b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1372804
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=61XCc3x0TE5kVVlXR292d1pnVklZWFkwM2tNdlJkVTZnRzlYRXNsREZ1MFdkdmJhQzFBVkxPdWVhODRRQUpjQTdMMkUzRnBHVkNPb2RNTGR1YlRBVzNIVnB4QjljaVdYS0FOVFN0NEFQc0xzWWFNT1lsRGVhaGdMRmF6SmJmYVZQdXd6RmVBV3FtcWxWMnZyZXE3VDlmemV4TU82cTNYMUVpWjhENFNQR3VBUnVCQmJBYUxQRkRwNlE2MG1rQ0hsMnUxLzVnYzdyNUNmWEg5eEtteGJMOWZVL3MyMEh0dGFjOXZwcm03M1JqWFpFU2dhK2tmUDYzRmU3N1FPSnJDSGZpOTQwbkNxV09mblNsU2Z3YTF4RExKNUlEZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 246852
content-length: 0
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D0D 0
10 B 27ms
26ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7GuWhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F573 624 B
556 B 71ms
68ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQt9SFAhjA_IDkATAB&v=APEucNUZH3_uGuXvtX5V_JeV2Udms_lf5pTEy7WIzw-U5ACywTns4-YTmywzKgdTcD7hElz6vWo7yJV7lzUK7sNvyD5nv2887Nr4-w6U0tls3cGf2ubalYP3y87VfU6VME-L6uikx_TwdUAr7HAEZCR1jMSc244A00O79wbmdnk0O301UOcs_EM

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:33 GMT
expires: Thu, 20 Jul 2023 10:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 577D 85 KB
29 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 10:34:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 577D 42 B
63 B 61ms
59ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1JvBO7aANy1qP5why8-Gkw34ZseXBQg53eVo5Taklqrs5uZBMrpMPX1efiCOXJGyfJV5SkTo-B1b3dEVIygfyk0Pw-SZqlkmPgnTwoZm-hBw-350

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 577D 0
20 B 62ms
60ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8571696537855165487&x=1&ct=76

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 577D 3 KB
1 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:14:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 10:14:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 577D 20 KB
8 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 21:41:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 577D 179 KB
56 KB 111ms
109ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 10:34:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 577D 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3573389810897&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 577D 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3573389810897&version=m202306200101&ct=76&x=1&cor=8571696537855165000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 577D 93 KB
37 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dvxrptk-JwnA5jEkqmxaOXf-pDg-t_NsQY0jrlMzjM0tl6PiSbEPxx64VTwEZfD5-umz7xLclRJXJR93j5-0y5_q2fezvNWZyPp7OySBDv_3MI18U&cry=1&dbm_d=AKAmf-BZOAgQfUH_B9UeUTDdHgO5yg-WWMYo5ksGHYVDyJIiM6Pdj_9m9EDQS4r14_KkxII7hJFfW-Njf5T_29iiT2vXQbs5U8gj0RvaBiiZjKg6azvVS9OpObZQTg1Yo2vr2f_eNW5qNDpMA7cfgMDPXui_5eVIVXE5hGNFnkQL_ZkwKK7vOcZ6TPz8bojG8ERqhJhGERGaYwQbKXeYPFnlwziQEYlWkzU5awOR8viZ1HPLhLT_ZcGPL4QBeHDspSidPK565hlPdu-TdSuEbLoqXGTSSBgamT0iUUMgavcPHMi98QyB1m3C2Led4Mj9YPubpWCQ6GTzLU0ieHVREOyKklyQopyyeSMaDklcjm_IxTkdzDVxuwuczJYodhRPqw0xKrgmW1MPIrTDjhlZvZRI8Cw-YJcwb9lP58TIyd_NoYtAtZ0wZLcHWKSgFZXU-kltXVA-ryiQ3MwWpijIGPKoQRfsLigmtgf403rmWPtZFW8EE7hFvMcoLpBW6ZqVPwjbrXerilGEdXoewsd9KqljqR4kgY3VJgGPaiRAWVzDEXR_JGMJyZ3B-SqDqZkxjtpi8oaQ5dPagmyyv8panmwD2BReeJecwN7Vk-ffK3xLPINpEe8xT14s30BaZIHSZYnPP_z8y4c-N7d8s-KjMUKAEkoGxGqBkr_Gxw1zO0pfiLL8jTnVseXtW72TOKK3WGfZMyzxGEVH2p0heWjgmhFNhgLP1hiOWZl0WjBoa4kOYtdDBbtvqup7_x0aMq7kxIXT9b6hMKAnjQb8ZHEVIEaEjdRYCB6cNOMd-1Txo4lWk1iGdQ19tXclCG0zD9Xp2plZeVvcku228XnjbCvsUPEbBD_wNy8KLeaX7AZsp74xTCDps_FdCHeG6TV8AW4bBkKwwizNTBwf28nK3a9-3kHCx2M0B9K9sZzVdnaXPk13Ikb9eojC2-F321LmSJ3yrLhZVud8vACkGoP6_nzGfAKiQlqN3AJGU5tt8-LzvTyTaKWiz9zPVg0668xbcYQW3nTSutSr-nY5jLGY-_qGUtST5q_cCYKsG0CXDDm2Oj8PCEMZLd9YUXSuB8fiUwF4gP2gwtxOWF8YoVa-Kukrrk0j8l57zPgqjtHnKZEFF3vPJ71_HyA0g1fsPvecjaPIMueQOaHDBbkNFFCSBogBOcrOtlIXV9wmeQZbdmqUZZpjXwWZY3oB1exVXdsJSujzVexTFbWDMybfce4_h1CrKYgI9SmHZ3aZfEN5j4q1B04dwme8PYa9wit4VAFlWrEA7CzngBOgONn3RjpfrihnzfNET4K6vSmBR2meXJ5nKrqg-jnSXSVTqc_wc6iHQ3l_rmEznwEa1xP_vg_K8XPGY3MXXsH6cixUjqHeTOeYLefGvAKGYrSdTHP64Hz4rLo1CvkzguukY_vZyoBD5pHN2LQwm4yI9SE-GDO41xgpsp9PbkiWJBYG6BaR-jC_C0NRqn_stGMiNTIs0mBmQZHyIG76l5XF9k0ViM21xdhUMPmOuNNwmpvZG3GJXFnaZL4bIes2Tm6mFW-ekF9zW8zz0uO80XdaDx9RuA36GFpUAgv3hQfh-tX58r3zT2dzl8tPtfliOuYQvmm12J88u11GSnc3zaEWXi4B-R9IMewDOPcj2wfiQjTeyGj1y-kF4bDK3zFRuZWl54YAC9xyKe-5DskQHLIAzeZhRiyCoSGRDcRsTuz3nyXhb0SA4jLZU_6L_3XJbtCvNd0PxuUeI02NiqooC9eiwO7O41ummGKvps5ZjJHvk87xP8p66oywlHOUHVkh7QAegvmn-2vC57JWku8GAJDpmSP2lCFWYzSOrIhrXElnjs5ryK69oJLljqYq34wPSll40GoNDIKaNuLYL7cExDCQh-Zn9Vtf-LpNulOoHs0lY5IO_a2tFN9lnP35Y7qcK2Zmqca2SGqbWgFiURK14LAVXijGRcq8k9-eg5vawE4FAKbH4vxpVIac0iMLNJZqW9WZvZSOayurGoq-tFsCUWRejqmcb64vkV5fdKOUpO7qRzzYu5Sz-P_PO7xg45b8OxqbsmLhlVxXO-RbPm6MgQnTVP40QQIbXOwKKXh8_y6f4-L4o11svepIytH7nWF4ljUK5N70t908hY_JrgOKZOBhDLpeVW4bEtJotXW2hWwPY3HKcgPRfZjGbqPW3FHJOAzk_Jhfqtd126LL8zf4_R2VYVSgaejRkSqAIXt2M6ugXtnMKFtJxvFSz01OH0RTH_khZGoTX4S-Qgi-nRno9sXbtsviQ2LfAayK20zBgR2HJQZjtQ2n7xqwM4FmKN7Y_Oa2lToQ21QsHAkMd7aMs6RROlR59UYq4PxHIT-Dhsu8x5D8cPP0Wvt6yOlFTn795L5L6SvxKC3eNHiS7-hkgK2ILvHUxFs6tiiAuKT_jJmCql8gs74rZaoQI9Ke64kwclXKvtQzAfvzRqjeh5hqkqMjUX_jHZKvsmJ5jdQ4zEKUDXR8ODhKV0gneOy0UxqsoWlWoj4cV2EU6VPJf4z5BRXFk5suw31Jkk8ELPZwy58QA1_P67E7NTelQorJ5L3vD7r0QaunVoag0fHrcRUqYdy0nChvVl87xMyd34Edi0WrEnVWf08qcBsTkP9J1rsMnG7YQzpIBCe2sg6mVnOQYnwKDqADLQfbayD4Cn1NbSQHdYo2cgpRHMhpYgVAWXrPgVC6c6zJZyiDUuZPn2x04Vtn7BdwvCHWSG6CIUWbmSURzTBXyQM-Yp3dubjQFGlAYCpYYN0pZGJbJdbxy5xZ5WHcso0TQ0FsPrFT1Z0TaRazYkXCKy-AmL9pMeMgbCpbEeAPbv3faVrLmsHLudac7WwGWHrSaUhes7OHe-v44h-S75Wb5nPOmn9ZwJuuYH7oeEmlR0t2ISqRz3CwCo2MMHStPyxTFRXwhL6f5hPm9FRRm5InK3NiKkNP4uB9NyW77ZMkD0fCHMOtqx41NPc6FqHc-znZCwca_VmxpytKoF5wVbUh_90VuDpvi04uVebbgNGMEYuGhAWILX8Hbt18iCmzMeGDuO2BFkGBqZl0_q_4DNOD-gcSsnTmXH4WgUeWHzJrSL6j0BJec_k63d70GJ3VcE-GAXyHzyjZxJeZC1xGO69jViDTuiaPNFPcSxCdUOrtyeNjbLmGBDNxdvEb-EzWE9BENPPbkzpycCjd-ujsiTJp9R-RIdPDQoyXfuPPouhZr8Gw2xpwWZ67ez3ID8poR3VacZvD7aybbbk2huXXtkeP1795TqK2BYBjp_PP-4PJGj2-&cid=CAQSTABpAlJWMvXSRN6isUoUk5HCHFtrIvVmF7XEN79AAUudRLE3_fWHVnMVHxRLVbGjlrc1uLSjzWG-1Qan6_wUz4whJX9-CZVYfpQPMfIYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Ftinyurl.com%2F&ds=l&xdt=1&iif=1&cor=8571696537855165000&adk=943508955&idt=114&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3db6dce461896e636d07bd993d1a1ac3efd0041b0f427f8bfd4ce9e904ed3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F050 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 773605e1314c59632e5f9b723d5480c1d92b7be228f2b57b4dc67471b4eb6235

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F573
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1

43 B
766 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQt9SFAhjA_IDkATAB&v=APEucNUZH3_uGuXvtX5V_JeV2Udms_lf5pTEy7WIzw-U5ACywTns4-YTmywzKgdTcD7hElz6vWo7yJV7lzUK7sNvyD5nv2887Nr4-w6U0tls3cGf2ubalYP3y87VfU6VME-L6uikx_TwdUAr7HAEZCR1jMSc244A00O79wbmdnk0O301UOcs_EM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F573
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLkNun-5r90c3EZaEtv6ZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

43 B
766 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQt9SFAhjA_IDkATAB&v=APEucNUZH3_uGuXvtX5V_JeV2Udms_lf5pTEy7WIzw-U5ACywTns4-YTmywzKgdTcD7hElz6vWo7yJV7lzUK7sNvyD5nv2887Nr4-w6U0tls3cGf2ubalYP3y87VfU6VME-L6uikx_TwdUAr7HAEZCR1jMSc244A00O79wbmdnk0O301UOcs_EM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F573 170 B
188 B 39ms
39ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQt9SFAhjA_IDkATAB&v=APEucNUZH3_uGuXvtX5V_JeV2Udms_lf5pTEy7WIzw-U5ACywTns4-YTmywzKgdTcD7hElz6vWo7yJV7lzUK7sNvyD5nv2887Nr4-w6U0tls3cGf2ubalYP3y87VfU6VME-L6uikx_TwdUAr7HAEZCR1jMSc244A00O79wbmdnk0O301UOcs_EM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F573
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0ODEyOTAyNDc0NDMzNDc2

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0ODEyOTAyNDc0NDMzNDc2

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:34 GMT
an-x-request-uuid: 724ef78a-0c63-45fd-b381-d9d913da4840
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0ODEyOTAyNDc0NDMzNDc2
x-proxy-origin: 178.33.144.179; 178.33.144.179; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 577D 172 KB
61 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
Origin: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 19:02:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/ Frame 577D 11 KB
4 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dvxrptk-JwnA5jEkqmxaOXf-pDg-t_NsQY0jrlMzjM0tl6PiSbEPxx64VTwEZfD5-umz7xLclRJXJR93j5-0y5_q2fezvNWZyPp7OySBDv_3MI18U&cry=1&dbm_d=AKAmf-BZOAgQfUH_B9UeUTDdHgO5yg-WWMYo5ksGHYVDyJIiM6Pdj_9m9EDQS4r14_KkxII7hJFfW-Njf5T_29iiT2vXQbs5U8gj0RvaBiiZjKg6azvVS9OpObZQTg1Yo2vr2f_eNW5qNDpMA7cfgMDPXui_5eVIVXE5hGNFnkQL_ZkwKK7vOcZ6TPz8bojG8ERqhJhGERGaYwQbKXeYPFnlwziQEYlWkzU5awOR8viZ1HPLhLT_ZcGPL4QBeHDspSidPK565hlPdu-TdSuEbLoqXGTSSBgamT0iUUMgavcPHMi98QyB1m3C2Led4Mj9YPubpWCQ6GTzLU0ieHVREOyKklyQopyyeSMaDklcjm_IxTkdzDVxuwuczJYodhRPqw0xKrgmW1MPIrTDjhlZvZRI8Cw-YJcwb9lP58TIyd_NoYtAtZ0wZLcHWKSgFZXU-kltXVA-ryiQ3MwWpijIGPKoQRfsLigmtgf403rmWPtZFW8EE7hFvMcoLpBW6ZqVPwjbrXerilGEdXoewsd9KqljqR4kgY3VJgGPaiRAWVzDEXR_JGMJyZ3B-SqDqZkxjtpi8oaQ5dPagmyyv8panmwD2BReeJecwN7Vk-ffK3xLPINpEe8xT14s30BaZIHSZYnPP_z8y4c-N7d8s-KjMUKAEkoGxGqBkr_Gxw1zO0pfiLL8jTnVseXtW72TOKK3WGfZMyzxGEVH2p0heWjgmhFNhgLP1hiOWZl0WjBoa4kOYtdDBbtvqup7_x0aMq7kxIXT9b6hMKAnjQb8ZHEVIEaEjdRYCB6cNOMd-1Txo4lWk1iGdQ19tXclCG0zD9Xp2plZeVvcku228XnjbCvsUPEbBD_wNy8KLeaX7AZsp74xTCDps_FdCHeG6TV8AW4bBkKwwizNTBwf28nK3a9-3kHCx2M0B9K9sZzVdnaXPk13Ikb9eojC2-F321LmSJ3yrLhZVud8vACkGoP6_nzGfAKiQlqN3AJGU5tt8-LzvTyTaKWiz9zPVg0668xbcYQW3nTSutSr-nY5jLGY-_qGUtST5q_cCYKsG0CXDDm2Oj8PCEMZLd9YUXSuB8fiUwF4gP2gwtxOWF8YoVa-Kukrrk0j8l57zPgqjtHnKZEFF3vPJ71_HyA0g1fsPvecjaPIMueQOaHDBbkNFFCSBogBOcrOtlIXV9wmeQZbdmqUZZpjXwWZY3oB1exVXdsJSujzVexTFbWDMybfce4_h1CrKYgI9SmHZ3aZfEN5j4q1B04dwme8PYa9wit4VAFlWrEA7CzngBOgONn3RjpfrihnzfNET4K6vSmBR2meXJ5nKrqg-jnSXSVTqc_wc6iHQ3l_rmEznwEa1xP_vg_K8XPGY3MXXsH6cixUjqHeTOeYLefGvAKGYrSdTHP64Hz4rLo1CvkzguukY_vZyoBD5pHN2LQwm4yI9SE-GDO41xgpsp9PbkiWJBYG6BaR-jC_C0NRqn_stGMiNTIs0mBmQZHyIG76l5XF9k0ViM21xdhUMPmOuNNwmpvZG3GJXFnaZL4bIes2Tm6mFW-ekF9zW8zz0uO80XdaDx9RuA36GFpUAgv3hQfh-tX58r3zT2dzl8tPtfliOuYQvmm12J88u11GSnc3zaEWXi4B-R9IMewDOPcj2wfiQjTeyGj1y-kF4bDK3zFRuZWl54YAC9xyKe-5DskQHLIAzeZhRiyCoSGRDcRsTuz3nyXhb0SA4jLZU_6L_3XJbtCvNd0PxuUeI02NiqooC9eiwO7O41ummGKvps5ZjJHvk87xP8p66oywlHOUHVkh7QAegvmn-2vC57JWku8GAJDpmSP2lCFWYzSOrIhrXElnjs5ryK69oJLljqYq34wPSll40GoNDIKaNuLYL7cExDCQh-Zn9Vtf-LpNulOoHs0lY5IO_a2tFN9lnP35Y7qcK2Zmqca2SGqbWgFiURK14LAVXijGRcq8k9-eg5vawE4FAKbH4vxpVIac0iMLNJZqW9WZvZSOayurGoq-tFsCUWRejqmcb64vkV5fdKOUpO7qRzzYu5Sz-P_PO7xg45b8OxqbsmLhlVxXO-RbPm6MgQnTVP40QQIbXOwKKXh8_y6f4-L4o11svepIytH7nWF4ljUK5N70t908hY_JrgOKZOBhDLpeVW4bEtJotXW2hWwPY3HKcgPRfZjGbqPW3FHJOAzk_Jhfqtd126LL8zf4_R2VYVSgaejRkSqAIXt2M6ugXtnMKFtJxvFSz01OH0RTH_khZGoTX4S-Qgi-nRno9sXbtsviQ2LfAayK20zBgR2HJQZjtQ2n7xqwM4FmKN7Y_Oa2lToQ21QsHAkMd7aMs6RROlR59UYq4PxHIT-Dhsu8x5D8cPP0Wvt6yOlFTn795L5L6SvxKC3eNHiS7-hkgK2ILvHUxFs6tiiAuKT_jJmCql8gs74rZaoQI9Ke64kwclXKvtQzAfvzRqjeh5hqkqMjUX_jHZKvsmJ5jdQ4zEKUDXR8ODhKV0gneOy0UxqsoWlWoj4cV2EU6VPJf4z5BRXFk5suw31Jkk8ELPZwy58QA1_P67E7NTelQorJ5L3vD7r0QaunVoag0fHrcRUqYdy0nChvVl87xMyd34Edi0WrEnVWf08qcBsTkP9J1rsMnG7YQzpIBCe2sg6mVnOQYnwKDqADLQfbayD4Cn1NbSQHdYo2cgpRHMhpYgVAWXrPgVC6c6zJZyiDUuZPn2x04Vtn7BdwvCHWSG6CIUWbmSURzTBXyQM-Yp3dubjQFGlAYCpYYN0pZGJbJdbxy5xZ5WHcso0TQ0FsPrFT1Z0TaRazYkXCKy-AmL9pMeMgbCpbEeAPbv3faVrLmsHLudac7WwGWHrSaUhes7OHe-v44h-S75Wb5nPOmn9ZwJuuYH7oeEmlR0t2ISqRz3CwCo2MMHStPyxTFRXwhL6f5hPm9FRRm5InK3NiKkNP4uB9NyW77ZMkD0fCHMOtqx41NPc6FqHc-znZCwca_VmxpytKoF5wVbUh_90VuDpvi04uVebbgNGMEYuGhAWILX8Hbt18iCmzMeGDuO2BFkGBqZl0_q_4DNOD-gcSsnTmXH4WgUeWHzJrSL6j0BJec_k63d70GJ3VcE-GAXyHzyjZxJeZC1xGO69jViDTuiaPNFPcSxCdUOrtyeNjbLmGBDNxdvEb-EzWE9BENPPbkzpycCjd-ujsiTJp9R-RIdPDQoyXfuPPouhZr8Gw2xpwWZ67ez3ID8poR3VacZvD7aybbbk2huXXtkeP1795TqK2BYBjp_PP-4PJGj2-&cid=CAQSTABpAlJWMvXSRN6isUoUk5HCHFtrIvVmF7XEN79AAUudRLE3_fWHVnMVHxRLVbGjlrc1uLSjzWG-1Qan6_wUz4whJX9-CZVYfpQPMfIYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Ftinyurl.com%2F&ds=l&xdt=1&iif=1&cor=8571696537855165000&adk=943508955&idt=114&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:38:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame 577D 30 KB
11 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:38:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 577D 41 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

GET
DATA 200
OK truncated
/ Frame 577D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3896fc589ac4954b51e8c867469c4ba8ff916357495e88b95e0261f7e2a4d947

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 58C4 22 KB
8 KB 26ms
25ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 46390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 21:41:24 GMT
expires: Thu, 18 Jul 2024 21:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 58C4 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 14 KB
4 KB 87ms
34ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4e44ecc2ef7c1fd208177141079346e80660ac69b535f9448589333383e4cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3829
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:34 GMT
expires: Fri, 19 Jul 2024 10:34:34 GMT
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 577D 0
0 149ms
71ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1UjaS9WuDzNFASqG1MbhlZh1RL8_ZzaJA9IvMbk-Gf1uS3FfC2zS55O-bCRbTnlbpBTrAtAkuO8JQx-vg0zx8ism8P8LJ003aLDAAS5pddwvt3Sa7UDjWCHo8LbCGoXoJYvhQFqh1aGxl7glMkpZ8zv3niBffxqoohi6QUQnBSUXq7Q2FqwAgw2mBA_4esP5nzrwi_bNbQptPnNcmKsFa4F1D6nnm5u28PIHXA40FZg9YkxDleTTevRrefBatkmHkeezB6-gRdGnBWRjJBLyQPcTmyw74UJPrMrsBcEpnwqQJlH4C7U_wt4JdyAdOOnZHwx9HbCTGaeiwVlmklVvvx78_4rDc2iWqtpCrXW2aBV9NFf8cNiVx6aXL3ygGgvBxXQ-MRHgrLfv1M94f9Zi5Muh76lY30esm8FuzoTWSgTbFTjSR5TC1z98gLw1XH-62qF2lItMXGLkxDf0dMrTISYNlE19tY2o4PkhrIEd9X4s9NGNTxqDo63hWKQtq_hZZnD-VkgRZFDs4KoKv_QYrOPMo0s68pqzTyLOUyDuYDWi-EuIV3jo3kYDd-7fu5kq_Y129ZUP21Gc6tDXTKkz301RXK8nr2JrRcouR9cP3bwh66Axu2-T5v34Ok85kAEznuGKtQZwGku5s7PH6bRc2ARzWQSb3v7krZWbhYqixzdrX5yRRMDINE6_o92PZUqDK7m1Xg7VzyKZdSHLDZi3aXBFNzt9sGA5TdmnHqsBsC1Mpuryn05sPcpyhKiIAGc20nAr9H5GDsybxGtbLYzXz0d60H3OHCOHW01Wei_-JcSTQ2G6QgS_OTScolHfOO2W7SOHo1lLpn7aac5lWKg_bRBullVdukbFquOnEub-jgR63Uuc1K-Tdo44A2HKl-1M2HhB9O2BCJuooGy78vwXqRgYEp8eiZPXlicjZGfzgTvFrsbOsTowKhTCGl_dsPiVFPx0oeEZB6zZWQ83aIMRdkyS2qPQoMCTtOq4A-9fqsPD4MMERCEHtQtnP-H2QRCnIl7GmHLI-3P5CO01S7D-Q_ms1yzHRna-YsGb8VZlliGmPd18UcdLFcR-eLbOWqryaM-PfEJGd_-7v7jFVjA6EBv4VstupPqHe06tCaRIYCfwf7lp_vYWgywDQxobI414GIbfLPY7DxN0QBN5a-NCRWAA81gVaLkaasEpW3lZmTcPI7zlxLkkl7DEyfPa3DdeXgFb2lvJRalaxQXK4x2cfwQUqUC8SnzLCNlKCdWJBp-_f-gRlr3V810c6DkckJ9SvE6IY&sai=AMfl-YSmmjrfn3T1tJKcQ8ftuKxetjJDnHQfHcBIQ_85yvkX4KGHbvWazhVRIy7AlQX6IS7W0ArVFQSuhhmhZjq9CyzwlIP6wzEFwQV-eIH_4XSEm2P5stpTWpmKsNoLknr9Z_2TAGDyuOPqpV4yRejV7wEJHRsDnXG67AoGYCEhE-Tez0bmSXAjwnbcjBoz3dI0PsQ5MXQMYVeImU2uod96L0Pi6p2c5lB6KhjhPTMriazPo1jYlV2-w6aQLhHUFcTtG9g729xbhZUcBt8heNOnUy8WxNd9LXaFbQcQeNghbmXhPaIA1bdd5KFlSUy2uw&sig=Cg0ArKJSzIU6Ns9RBf-JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=150&cisv=r20230718.21682&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 10:34:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 20 Jul 2023 10:34:34 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 5 KB
2 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 00:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1887
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 00:37:44 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 4 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ea4bbd91e20606eb8495bd08b0da5f88d48db0b9616d8faa52f947391c4d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 16:13:16 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1967 118 KB
40 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 19:02:44 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1967 57 KB
23 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 10:34:34 GMT

GET
H3 200 static-doodle.png
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 2 KB
2 KB 30ms
29ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/static-doodle.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

638a4a197f998da8f8d0ea2e5562732c97566ef561b4f742961fb23ea72e8ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:00:20 GMT
x-content-type-options: nosniff
age: 585254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2376
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 16:00:20 GMT

GET
H3 200 gradient1.png
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 7 KB
7 KB 29ms
28ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/gradient1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c31c9350809bd2372d2514166d8497b669bca0b96e2aefdbeb7f856e982cda13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 22:07:08 GMT
x-content-type-options: nosniff
age: 390446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6834
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jul 2024 22:07:08 GMT

GET
H3 200 gradient2.png
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 5 KB
5 KB 31ms
30ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/gradient2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33c5ecb41a207f217841973b4af3b5fcbf30de6a9c76296f29963b0f3caf6058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:00:20 GMT
x-content-type-options: nosniff
age: 585254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5287
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 16:00:20 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 26 KB
10 KB 26ms
26ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c89b2c4e3b2a14c8cbce7de23753253297ce0ba0b0496497e63c6a1d095e6349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147192
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10715
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jul 2024 17:41:22 GMT

GET
H3 200 splittext.min.js Show response
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 5 KB
3 KB 26ms
26ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/splittext.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a3a93ff195fb60e6bffb8600751899ca4743fe21f8c4c139bb504689e13d0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 18:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2535
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 18:10:15 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 7 KB
2 KB 28ms
27ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9438e23e6ec52be3831cbc58d271060266b91b48d9e5d487065b1488618a854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2272
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 16:13:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58C4 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4MlsuQ25ZOnTOM6XjuwP9Me8kAwAAAAAOAHgBAI&bg=!RUalRhLNAAa3SiIRl0o7ADkAdvg8Wp35xObLul_9EjqteLIS6l1e48I2tFaS-mQ_vm9wDV4yVlGByOsF6k6bO8oUUEnVZe1FaysCAAAAZFIAAAAKaAEHmQLm6ZEyWgeHh6zy0nk2z-_VjhApLMQLaDz3SmbTUT-gPfiq-k8BXByzdZN555XkADThzSsuxdbE1xiehVNg6v_jQwK2EFATygeFEAAjsizMyroZ0Mw0e8t33TL-p5YmP-DYm-ETvh43KPrMX-DNkP1frru-SAZs3DT3tuZfgnG4a-5SEYf-avsKaC5ueGpW3OFvoBKZ36SpTTpQXQmyFIVPT2vNHn-69rIAhLUpFUlJf4L4wcuagYo51PmS34msB8WJ36Fq8mItghQ-rfDPTdXV4kGrPrOMt-J7GZKZV_LJO9bhKb_dnAW2YvVqfaWfDLRoVFIF38ELzlrzJgHsUq1dT__puav54lJXhNXOukBXvkHeoIiJGTrs4cgvbztT96K610C0I2t4ACsiZ2cAmvhLCc_IYbGUxAKkgBOv6ylEOIDUDL6pGNoy6_1kmNlku1bFkEcmBuXGhdXv6zAfqnOUyJmhylqxxLpiduQnZYgb-_AIbehzJXsTjCSufzAjPLOnhbiaYkIBuO9oH3ObCl8PRFC4wdt0TPmMMfGcvJsSaNTKINJoMBmORWDWA4BxLoysLG6wru1HeKfivzBVcIH9DZSGyaBwQ6xjYJETlF5IPiZYDkSLyRqIb220MRs0xj3UorHyiKlL5mUiUABEZm_VWDDU6x0UysYqHZe_eGg4S8Ll8Z66v0pTeBxVOrtIVZjHj0EXaqo2bS6krIwXOgdObL5dPVmPtEfbOfwjCzRe0921weGO4cIks60Xu8xqK1XE25M8bkjkwBXyP4X_FWI4XKg2IF_mNNJM0cBmhI3Biz_kzqLcu6Ly4LrR2hNW77rfp3GD4Sh8ZHTj8IENLgWS_f7p3O6b00onqG-R4gpOz-_YzZcclaEwTJD4OLlDbKZFCPOGSDmMEzek18ZxPvARfpzsyi2fPLOQqPaTq4I5UZjihCw69DQrCdKL6zeS65lQ1exDY0PlKrx6L39b20Qn0GR1kAhOQQ

Requested by

Host: 49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
URL: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307170101&jk=3213296179402536&bg=!5eal5rLNAAa3SiIRl0o7ADkAdvg8WqIE8Y0HEy4-LihQo74vdS0cEPVz3ova537CixkFRuZ7AcqDT8pOpOpnhIwKKiPp4FKisW0CAAAAtFIAAAAHaAEHmQKkGWON1VWZ92E4PzQldcQohY-U8yZBhpLNrIzVGMnyjB1vOH8wuZ_EXPRhr3gJs467q-2_k32jyh4FZS9GEH6Swg7ddjdB0wXIoH9gdOXnZqcOWz6-AfKFXv-1dyvmME97umFjVMLV26lAHRDbpKL8nnopCJTRho5n3NXD6ZvfqxJnBD3ruew6fkb88bCE5p-wlyxQhW-vw5kXVuMKTo05Kb4D-Z_b8fvgSAnVoXQkE_Ufi3l23wE3K9w8mwJMpLWTqvpzY6ddWs_9RV5vjv69lb0cMkg5v_WB_bbX5ohtuVd46YmRG-Vhp6SvbZ8n9K8B1pVQhtyeHwx4ya5NS8beI1tbHT6TQcHQncN8Y9ai1m03thtp_VSMgM4wYyv7bQhg7m-ApCl5TyH7gBGuHA6zDKAtMl_PmZKmMkYxQPMSMod9ykwrLaIofC2ggF7U5uN4rBk4oZh3nrsFypm-3MVUdanGK9dRNL6Hxb0s4q_v-6S_iTPA32xQGaCP5NgZpJB5mNThjxkqrA9RcKvmSCKUuAdDJ2lbL2tDUaLsn-udTQ4eB3b58UrxLxAl-WWI5R8ad6cVA9Y13ZmgCHX3YyZOG6vwKEyEUJbg9ggrbLWJsGZbverNGNoM4ZStKfnNKyfNtqLL6GyEDRZkcKC06QlLO0DT-BI98XJ0yAUgJwmRBEnA3r34PjfuiIzUp0-VUm76MjmJakuFh2Ot6p5dUCF5bRrjLITPtOr6u1hpHScqOcWjL3cJoueY9o99cNainrr3QXtYuNIl6HGywN64JYxjKsVUh4MLqEjF9RZE7WyQK9jX10MRNuHKlikRuwni20WBACT7SzGgpcDhyNcv5tUobpJop4AuMKQ58ogfxxpKk0lqAwO2VINrCZiaQhbjNTPLNHvQjQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 Roboto-Bold.woff
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 67 KB
67 KB 27ms
26ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/Roboto-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb4630bd42246fedfd677e82b723af1cd563d9d6203bcf3d79701128a5d5b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adStyle.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:09:57 GMT
x-content-type-options: nosniff
age: 584677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68428
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 16:09:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1967 7 KB
6 KB 69ms
68ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9ef7042414e58a4b4a6b6dc829c5b6b7a1e0153ad03a92e2043d622dd50c9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5785
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 577D 0
0 65ms
64ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1UjaS9WuDzNFASqG1MbhlZh1RL8_ZzaJA9IvMbk-Gf1uS3FfC2zS55O-bCRbTnlbpBTrAtAkuO8JQx-vg0zx8ism8P8LJ003aLDAAS5pddwvt3Sa7UDjWCHo8LbCGoXoJYvhQFqh1aGxl7glMkpZ8zv3niBffxqoohi6QUQnBSUXq7Q2FqwAgw2mBA_4esP5nzrwi_bNbQptPnNcmKsFa4F1D6nnm5u28PIHXA40FZg9YkxDleTTevRrefBatkmHkeezB6-gRdGnBWRjJBLyQPcTmyw74UJPrMrsBcEpnwqQJlH4C7U_wt4JdyAdOOnZHwx9HbCTGaeiwVlmklVvvx78_4rDc2iWqtpCrXW2aBV9NFf8cNiVx6aXL3ygGgvBxXQ-MRHgrLfv1M94f9Zi5Muh76lY30esm8FuzoTWSgTbFTjSR5TC1z98gLw1XH-62qF2lItMXGLkxDf0dMrTISYNlE19tY2o4PkhrIEd9X4s9NGNTxqDo63hWKQtq_hZZnD-VkgRZFDs4KoKv_QYrOPMo0s68pqzTyLOUyDuYDWi-EuIV3jo3kYDd-7fu5kq_Y129ZUP21Gc6tDXTKkz301RXK8nr2JrRcouR9cP3bwh66Axu2-T5v34Ok85kAEznuGKtQZwGku5s7PH6bRc2ARzWQSb3v7krZWbhYqixzdrX5yRRMDINE6_o92PZUqDK7m1Xg7VzyKZdSHLDZi3aXBFNzt9sGA5TdmnHqsBsC1Mpuryn05sPcpyhKiIAGc20nAr9H5GDsybxGtbLYzXz0d60H3OHCOHW01Wei_-JcSTQ2G6QgS_OTScolHfOO2W7SOHo1lLpn7aac5lWKg_bRBullVdukbFquOnEub-jgR63Uuc1K-Tdo44A2HKl-1M2HhB9O2BCJuooGy78vwXqRgYEp8eiZPXlicjZGfzgTvFrsbOsTowKhTCGl_dsPiVFPx0oeEZB6zZWQ83aIMRdkyS2qPQoMCTtOq4A-9fqsPD4MMERCEHtQtnP-H2QRCnIl7GmHLI-3P5CO01S7D-Q_ms1yzHRna-YsGb8VZlliGmPd18UcdLFcR-eLbOWqryaM-PfEJGd_-7v7jFVjA6EBv4VstupPqHe06tCaRIYCfwf7lp_vYWgywDQxobI414GIbfLPY7DxN0QBN5a-NCRWAA81gVaLkaasEpW3lZmTcPI7zlxLkkl7DEyfPa3DdeXgFb2lvJRalaxQXK4x2cfwQUqUC8SnzLCNlKCdWJBp-_f-gRlr3V810c6DkckJ9SvE6IY&sai=AMfl-YSmmjrfn3T1tJKcQ8ftuKxetjJDnHQfHcBIQ_85yvkX4KGHbvWazhVRIy7AlQX6IS7W0ArVFQSuhhmhZjq9CyzwlIP6wzEFwQV-eIH_4XSEm2P5stpTWpmKsNoLknr9Z_2TAGDyuOPqpV4yRejV7wEJHRsDnXG67AoGYCEhE-Tez0bmSXAjwnbcjBoz3dI0PsQ5MXQMYVeImU2uod96L0Pi6p2c5lB6KhjhPTMriazPo1jYlV2-w6aQLhHUFcTtG9g729xbhZUcBt8heNOnUy8WxNd9LXaFbQcQeNghbmXhPaIA1bdd5KFlSUy2uw&sig=Cg0ArKJSzIU6Ns9RBf-JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=376&vt=11&dtpt=218&dett=3&cstd=150&cisv=r20230718.21682&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 10:34:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1967 17 KB
6 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 10:34:34 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 31ms
31ms Fetch
text/plain 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e886175120629c7c9787dbdffe2ace753479a268b01b8ed82139db31df357013

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 30ms
30ms Preflight 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 20 Jul 2023 10:34:34 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 London_1.jpeg_1679956776840_London_1.jpeg
s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/637ccc2309df5cb7a9ead63b/original/ Frame 1967 231 KB
231 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/637ccc2309df5cb7a9ead63b/original/London_1.jpeg_1679956776840_London_1.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d4d5f6575d856fd06a54c7f67da63f187caa4abdf5e4a6f5cb213597318796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:06:25 GMT
x-content-type-options: nosniff
age: 16089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236113
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:39:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 06:06:25 GMT

GET
H3 200 London_A2.jpeg_1679956776840_London_A2.jpeg
s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/63bd95da3146c8a37725318f/original/ Frame 1967 438 KB
438 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/63bd95da3146c8a37725318f/original/London_A2.jpeg_1679956776840_London_A2.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c108e39060d22b1d00a13bed427e1d9df226b4862bcf3c0981edbb315ba46548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:57:56 GMT
x-content-type-options: nosniff
age: 592598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448762
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:39:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 13:57:56 GMT

GET
H3 200 London_3.jpeg_1679956776840_London_3.jpeg
s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/6409d68fb15bdc6c12afb2e7/original/ Frame 1967 446 KB
446 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/6409d68fb15bdc6c12afb2e7/original/London_3.jpeg_1679956776840_London_3.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cab6bef066beaeda5c2b28bed92745944a8ff157df5e1cdd395ad92acb41111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:57:56 GMT
x-content-type-options: nosniff
age: 592598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 456746
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:39:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 13:57:56 GMT

GET
H3 200 blank.png_1679956776840_blank.png
s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/6318848867d6c1b497193ee8/original/ Frame 1967 927 B
956 B 56ms
55ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v3/partners/62c2fe4fd2383e52bc440aff/assets/singleFiles/6318848867d6c1b497193ee8/original/blank.png_1679956776840_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:51:09 GMT
x-content-type-options: nosniff
age: 585805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:39:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:51:09 GMT

GET
H3 200 sunny-ico.png_1679956776840_sunny-ico.png
s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v2/partners/62c2fe4fd2383e52bc440aff/assets/concepts/6310b51367d6c130d20fa9eb/templates/63347930690e357a938edbcc/content/ Frame 1967 2 KB
2 KB 57ms
56ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v2/partners/62c2fe4fd2383e52bc440aff/assets/concepts/6310b51367d6c130d20fa9eb/templates/63347930690e357a938edbcc/content/sunny-ico.png_1679956776840_sunny-ico.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2e9b9928610c087592b74ac222151ee41ee3231c790dd820822f7c40a193a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:00:22 GMT
x-content-type-options: nosniff
age: 585252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2402
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:39:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 16:00:22 GMT

GET
H3 200 gyg_logo.png_1679956776840_gyg_logo.png
s0.2mdn.net/dynamic/2/11057726/cdn.ad-lib.io/v2/partners/62c2fe4fd2383e52bc440aff/assets/concepts/6310b51367d6c130d20fa9eb/templates/63347930690e357a938edbcc/content/ Frame 1967 11 KB
11 KB 58ms
57ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3c9eeaecae2f4296a20fa7551239fa82d1862d86f9e649a81630555b1fc7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/index.html?e=69&leftOffset=0&topOffset=0&c=XSV6dO1nhd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 01:09:47 GMT
x-content-type-options: nosniff
age: 465887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10910
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:39:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Jul 2024 01:09:47 GMT

GET
H3 200 GTEestiProDisplay-Bold.woff
s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/ Frame 1967 67 KB
67 KB 30ms
29ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/GTEestiProDisplay-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684e3bdd0b48d1a7bf9cfc11024cdb3ccbed72899fd39c3f7976a4c1c84bd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17236569927788265472/300x600-Things_To_Do/adStyle.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:00:03 GMT
x-content-type-options: nosniff
age: 585271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68136
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 01:21:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 16:00:03 GMT

GET
H/1.1 200
OK dGlueXVybC5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ Frame F050 16 B
464 B 103ms
30ms XHR
application/json 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/dGlueXVybC5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 10:34:34 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=29774
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 4db1b698d4531b0edff25e0a966f67d2
Content-Length: 16
Expires: Thu, 20 Jul 2023 18:50:48 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame F050 43 B
371 B 50ms
28ms Image
image/gif 23.213.169.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.169.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 10:34:34 GMT
date: Thu, 20 Jul 2023 10:34:34 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 331A 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F050 0
0 120ms
65ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnlSU_9Yz3gumx3Y38Pr2IyBHWb7YK4JjtdblnPVs4kVCD5qtLR0hjIYK9lRJpXzpHpK0dyX0tyWSlVj3gs1KZuvosfWtsVVQvFzsitz88jWekCF1SamZs_KEPGCR03jOS_6n6NK55y0_9qxBO0uRBn-mC5-7eLvNnN8vuev1_EQwzFQV4VF2pGeQwA4NBrz1l9BblUpGUHGXWHDU7aG789iO4gKCmWeDFRaUhYZWUHwgVLxv5Hs3m7NZDNhicn8OkfQQhrJvT9ZMHyjvEkZ_Da-FeJtMsIrtfsl8XYi_CTsMUutTlAMMgIvfsgp_C-751-zjdN1XPhc2Vh832Uzt-Ntsg&sai=AMfl-YTGxzJ4TurPfKtHRNf-KXPBGV-Trom2fQHzD_vEJR0ASbzACXosqnVqUTc1JSaKhmy3XTciuJ-_Y_gzh9RAaP9w15odxGWTKqYT-CV2quSbIi8SlF2VgdBihz3nxGdux02aOt_n6s8dcePuIFsr&sig=Cg0ArKJSzHu_9dSsYQ2aEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 10:34:34 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame F050 24 KB
9 KB 215ms
146ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Ftinyurl.com%2Fapp&idx=0&rand=70115&widgetJSId=AR_3&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=970&settings=true&recs=true&key=FREES104AH2PELD73BHE4H9I0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010376&sig=WLR27Rok&apv=false&osLang=en-US&winW=970&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Ftinyurl.com%2Fapp&ogn=https%3A%2F%2Ftinyurl.com%2Fapp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9a225cc19dac5c9747959544304eb5b4cb6c65e3ce2ccb14c3627af0ca38428

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 20 Jul 2023 10:34:34 GMT
content-encoding: br
via: 1.1 varnish
traffic-path: NLDC1, FRA, Europe3
x-timer: S1689849275.703168,VS0,VE120
vary: Accept-Encoding, User-Agent
x-cache: MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-fra-etou8220078-FRA
x-traceid: b54515b971c96411df66a0288b805341
accept-ranges: bytes
content-length: 8410
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame F050 2 KB
3 KB 27ms
26ms Image
image/png 23.213.169.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.169.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 10:34:34 GMT
date: Thu, 20 Jul 2023 10:34:34 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F050 990 B
1 KB 27ms
27ms Image
image/svg+xml 23.213.169.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.169.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 10:34:34 GMT
date: Thu, 20 Jul 2023 10:34:34 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nldc1.outbrain.com/ Frame F050 2 B
381 B 113ms
28ms Fetch
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nldc1.outbrain.com/l?token=52bb18b3b0fefe3a6a008dc2018e2411_203177_1689849274806&tm=333&eT=0&widgetWidth=970&widgetHeight=250&widgetX=0&widgetY=0&wRV=2010376&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=218&oo=true&lo=808&obreq=254&odbreq=932&odbres=1150&cet=4g&to=1689849273688&umv=1&ll=0&chs=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 10:34:34 GMT
content-encoding: gzip
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: bbb49b3dd956068e79cd1c56ee458265
Content-Length: 28

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 0789 4 KB
2 KB 27ms
27ms Document
text/html 23.213.169.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.169.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Thu, 20 Jul 2023 10:34:34 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Thu, 27 Jul 2023 10:34:34 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6ImZjY2U3MmNhMDY2OThmMDNkN2MwODkyZTU1YmU1MjY2YmY0MWZhODcyOTdlMmFlMjNkMmY2ZTVlNDA0MWI5MDkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame F050 8 KB
8 KB 87ms
28ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZjY2U3MmNhMDY2OThmMDNkN2MwODkyZTU1YmU1MjY2YmY0MWZhODcyOTdlMmFlMjNkMmY2ZTVlNDA0MWI5MDkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: addadcbbd0c9de948c2f157f70983610a576b30777859528ea21ed26c6d3408c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
last-modified: Thu, 08 Jun 2023 08:35:07 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=992548
access-control-allow-credentials: false
x-traceid: 61627bded1cff5672670f0af30d59245
timing-allow-origin: *, *
content-length: 8456

GET
H2 200 eyJpdSI6IjNmZGNmOThmMzM1OGIwMTI1YjY1ZGJkZGVlMGNkOWUyOWVjZmE0M2I0ODNlNTllMDJmMTViMmYxODFkZDMzZGEiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame F050 8 KB
8 KB 111ms
52ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNmZGNmOThmMzM1OGIwMTI1YjY1ZGJkZGVlMGNkOWUyOWVjZmE0M2I0ODNlNTllMDJmMTViMmYxODFkZDMzZGEiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: caa1c94be64cc27b824ff446d84cd2a2a40ee6a7dc5bab33faa3b41595732d76

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
last-modified: Tue, 04 Jul 2023 08:16:10 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1416570
access-control-allow-credentials: false
x-traceid: 4003eed3780caefdaadb9b0f6e5a1614
timing-allow-origin: *, *
content-length: 8078

GET
H2 200 eyJpdSI6ImU0ODFmOWE2ODQ2NzNkNTFmNGQ0YTY1NDgyNTExMWEwODRlMzU4NjNhN2I3OGYyYzNlNjEzZjFjYWNjODcxNjkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MywiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame F050 10 KB
11 KB 86ms
27ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU0ODFmOWE2ODQ2NzNkNTFmNGQ0YTY1NDgyNTExMWEwODRlMzU4NjNhN2I3OGYyYzNlNjEzZjFjYWNjODcxNjkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MywiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48131ca364d005ead5a6c9b56c2b4446ad05604e31feb9dd3ea81abdbca2f5ab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:34 GMT
last-modified: Thu, 13 Jul 2023 07:29:52 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1846966
access-control-allow-credentials: false
x-traceid: ba640e34b11954b4a1ebe1b3f61c7484
timing-allow-origin: *, *
content-length: 10678

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame F050 4 B
371 B 671ms
158ms Fetch
application/json 38.133.127.31

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=52bb18b3b0fefe3a6a008dc2018e2411&pvId=52bb18b3b0fefe3a6a008dc2018e2411&sid=9644617&pid=203177&idx=0&wId=110&pad=3&org=0&tm=345&eT=3&cnsnt=no_consent&wRV=2010376&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e644b4f5513240c26d115db4668c3391
Content-Length: 4
Expires: 0

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 34ms
33ms Preflight 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 20 Jul 2023 10:34:34 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 31ms
31ms Fetch
text/plain 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e886175120629c7c9787dbdffe2ace753479a268b01b8ed82139db31df357013

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:35 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 577D 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1xy-ugInZrQk8KOdh85LcXnGvzXivr40RU6M9BY5KFaGoDdwbalBB3VFeRb8pYFUgfx0dB1OxJRZPLZZO3a-eEV_4IHdEQCwNJXxInR4uxXOOlU4Jy7_vnqDi04qBu-is8I_NHWWNgz4k&sai=AMfl-YTgQhBrsWklWN2UUdQ7liEofkg9xp_gDCvd2KSPn6_6hz4WmwFsYiGKbT_8Tbwm94Dh3CUW7F0zb8vot51CQ6ABqvlsYRQ35sLvmr8dCaptm96mWyKca6rhEC4a6fbsg6wiiStM8z3oiesogQ&sig=Cg0ArKJSzFMm1ozrozc2EAE&cid=CAQSTABpAlJWMvXSRN6isUoUk5HCHFtrIvVmF7XEN79AAUudRLE3_fWHVnMVHxRLVbGjlrc1uLSjzWG-1Qan6_wUz4whJX9-CZVYfpQPMfIYAQ&id=lidar2&mcvt=1001&p=102,1511,142,1552&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2873892524&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689849273702&rpt=321&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 577D 0
20 B 61ms
59ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3573389810897&version=m202306200101&ct=76&x=1&cor=8571696537855165000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 31ms
30ms Preflight 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tinyurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://tinyurl.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 20 Jul 2023 10:34:35 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 36ms
35ms Fetch
text/plain 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e886175120629c7c9787dbdffe2ace753479a268b01b8ed82139db31df357013

Request headers

Referer: https://tinyurl.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 10:34:35 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F050 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXpwIICa9WNsirNrRWt9lhIDPErdk-osvZInMehPpF7tjOPOL1cANNnrG6CJMwGB1BoiApRlFewRWpKhrMKlK-0TZwxJ2K8xzi7Axn7g-MV2b3B3gG&sig=Cg0ArKJSzECNie0USAqcEAE&id=lidar2&mcvt=1001&p=516,48,766,1018&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3220195246&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689849273688&rpt=877&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 25ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2PJZZW5GKP&gtm=45je37h0&_p=537722849&cid=1138861471.1689849271&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1689849270&sct=1&seg=0&dl=https%3A%2F%2Ftinyurl.com%2Fapp&dt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&en=scroll&epn.percent_scrolled=90&_et=25
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8A86 52 KB
17 KB 66ms
18ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6837
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 20 Jul 2023 10:34:36 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 21 Jun 2023 06:41:32 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 4316, 26342
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600039-LCY
X-Timer: S1689849276.204504,VS0,VE0

GET
H2 204 pbcas
ads.yieldmo.com/ Frame EF3D 0
0 31ms
31ms Document
text/plain 34.240.83.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.83.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-83-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9F3B 15 KB
6 KB 90ms
26ms Document
text/html 23.213.168.238

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.168.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=169763
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 20 Jul 2023 10:34:36 GMT
expires: Sat, 22 Jul 2023 09:43:59 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C09B 37 B
140 B 87ms
29ms Document
image/gif 13.248.245.213

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 20 Jul 2023 10:34:36 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame EF4F 281 B
554 B 105ms
36ms Document
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Jul 2023 10:34:36 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=20709161-78ee-4082-8045-abd2c7fd05da&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-EbgTENtE2pngrEwPj8vzMuvB6UYkX.1nUbwXCg--~A&expires=5&ssp=themediagrid

43 B
145 B

25ms
24ms

Image
image/gif

18.159.220.108

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-EbgTENtE2pngrEwPj8vzMuvB6UYkX.1nUbwXCg--~A&expires=5&ssp=themediagrid
Protocol: H2
Server: 18.159.220.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tinyurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 20 Jul 2023 10:34:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-EbgTENtE2pngrEwPj8vzMuvB6UYkX.1nUbwXCg--~A&expires=5&ssp=themediagrid
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8A86 0
596 B 47ms
47ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
an-x-request-uuid: b97a679e-3d9b-4eeb-9902-0c702bdc2091
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.33.144.179; 178.33.144.179; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9F3B 5 KB
6 KB 131ms
18ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98054405&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05d36e8fac80e844c56bf719b48de67795cdf451c7d56d47ca2c675a37c79272

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 10:34:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EF4F 34 KB
10 KB 30ms
29ms Script
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 10:34:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2023 21:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37894
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 20 Jul 2023 21:06:10 GMT

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 9555 35 B
125 B 151ms
47ms Document
image/gif 213.155.156.169

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.169 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3E33
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

24ms
19ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 10:34:35 GMT
expires: Thu, 20 Jul 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 723962
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BE0F
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327495547637

42 B
274 B

22ms
21ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327495547637
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Thu, 20 Jul 2023 10:34:36 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322327495547637
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame DA65
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

190ms
190ms

Document
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Jul 2023 10:34:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: EC3CBZYS3DCZ2M8ZHVCT

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jul 2023 10:34:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: WKDTPY12Q1A62BGB9B7H

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 60E4
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7I99JniPfWE42yvneBy9J60bKyE4D70n7I1keZ7

42 B
566 B

77ms
21ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7I99JniPfWE42yvneBy9J60bKyE4D70n7I1keZ7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-store, proxy-revalidate
content-length: 0
date: Thu, 20 Jul 2023 10:34:36 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7I99JniPfWE42yvneBy9J60bKyE4D70n7I1keZ7
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E868
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=604812902474433476&gdpr=0&gdpr_consent=

42 B
296 B

67ms
20ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=604812902474433476&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 2670be01-a76f-4890-85a2-1001f9e89327
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=604812902474433476&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 178.33.144.179; 178.33.144.179; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 553B 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8BBC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0-cubujQXzZhnCACY2mRC7IhkLM&gdpr=0&gdpr_consent=

42 B
300 B

18ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0-cubujQXzZhnCACY2mRC7IhkLM&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Jul 2023 10:34:36 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0-cubujQXzZhnCACY2mRC7IhkLM&gdpr=0&gdpr_consent=

GET
H2 400 sync Show response
t.adx.opera.com/pub/ Frame 7869 0
413 B 101ms
30ms Document
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 20 Jul 2023 10:34:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: nginx

GET

redir
rtb-csync.smartadserver.com/ Frame B211
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNmowN0pjaHNBQUNTeVRiZ2VxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE6j07JchsAACSyTbgeqQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAE6j07JchsAACSyTbgeqQ&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE6j07JchsAACSyTbgeqQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...

0
0

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame AB01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

100ms
100ms

Document
image/png

151.101.130.49

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLkNvAACOU0ssQAb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Thu, 20 Jul 2023 10:34:36 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600027-LCY
x-timer: S1689849277.562542,VS0,VE81

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Thu, 20 Jul 2023 10:34:36 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLkNvAACOU0ssQAb
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600027-LCY
x-timer: S1689849276.462092,VS0,VE81

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A298
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

18ms
18ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 10:34:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 20 Jul 2023 10:34:36 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 6E44 43 B
282 B 102ms
29ms Document
image/gif 173.231.180.197

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Thu, 20 Jul 2023 10:34:36 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-1

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 5BE5 43 B
277 B 244ms
51ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Jul 2023 10:34:36 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-25a388403327@version_1.564
X-core-time: 0ms
X-server-arch: v2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame AEFB 43 B
361 B 80ms
26ms Document
image/gif 35.186.193.173

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 20 Jul 2023 10:34:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET

i.match
s.tribalfusion.com/z/ Frame A4F0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

0
0

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 7C88 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F521
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=

42 B
319 B

19ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 10:34:36 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9F3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jwcb_CoUSEujoEalOykWDg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

26ms
26ms

Image
text/html

23.213.168.238

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 23.213.168.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=169763
accept-ranges: bytes
content-length: 5606
expires: Sat, 22 Jul 2023 09:43:59 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 9F3B 49 B
265 B 105ms
31ms Image
image/gif 52.31.235.128

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.235.128 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.68
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 9F3B
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1014616771
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=27071BFC-2A14-484B-A3A0-46A53B29160E

0
284 B

71ms
24ms

Image
text/plain

34.111.131.239

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=27071BFC-2A14-484B-A3A0-46A53B29160E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 34.111.131.239 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
via: 1.1 google
last-modified: Thu, 20 Jul 2023 10:34:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=27071BFC-2A14-484B-A3A0-46A53B29160E
date: Thu, 20 Jul 2023 10:34:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

ddp
a.audrte.com/ Frame 9F3B
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=27071BFC-2A14-484B-A3A0-46A53B29160E
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGQ2RDNKdTZFSWJUOUNtSjIyTnJMaUktQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9F3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjcwNzFCRkMtMkExNC00ODRCLUEzQTAtNDZBNTNCMjkxNjBF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

53ms
23ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9F3B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15

42 B
95 B

51ms
22ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9F3B 43 B
611 B 100ms
27ms Image
image/gif 35.204.158.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 19 Jul 2023 10:34:36 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9F3B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5198634508333833405

42 B
323 B

38ms
21ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5198634508333833405
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5198634508333833405
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9F3B 70 B
264 B 41ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 27071BFC-2A14-484B-A3A0-46A53B29160E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9F3B 43 B
426 B 108ms
35ms Image
image/gif 2a05:d018:d29:3605:f284:42bf:7c5f:c715

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/27071BFC-2A14-484B-A3A0-46A53B29160E?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f284:42bf:7c5f:c715 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 9F3B 0
125 B 104ms
31ms Image
text/plain 3.71.149.231

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=27071BFC-2A14-484B-A3A0-46A53B29160E&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9F3B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=c5e3699d-2ac1-47d8-b6a7-1ea726a36604&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20709161-78ee-4082-8045-abd2c7fd05da&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

19ms
19ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20709161-78ee-4082-8045-abd2c7fd05da&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20709161-78ee-4082-8045-abd2c7fd05da&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 9F3B 0
104 B 111ms
38ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9F3B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7385666904958375303&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

19ms
19ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7385666904958375303&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7385666904958375303&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 20 Jul 2023 10:34:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9F3B 0
187 B 73ms
21ms Image
text/plain 98.98.134.241

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9F3B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f24775f4-46b2-49c4-819f-1437193119a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

20ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f24775f4-46b2-49c4-819f-1437193119a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Jul 2023 10:34:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f24775f4-46b2-49c4-819f-1437193119a8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 20 Jul 2023 10:34:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF4F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCME1KVjYtMVUtMlBRSg==

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCME1KVjYtMVUtMlBRSg==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCME1KVjYtMVUtMlBRSg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame EF4F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKB0MJV6-1U-2PQJ

0
651 B

159ms
116ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKB0MJV6-1U-2PQJ
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:34:36 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5B08B8C5BAFE4A1FA308A8D0BD86DA68 Ref B: PAR02EDGE1006 Ref C: 2023-07-20T10:34:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA6LHc6VCMi858Kv4FdQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKB0MJV6-1U-2PQJ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET dcm
s.amazon-adsystem.com/ Frame EF4F 0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame EF4F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/jmnS3Y-_8GGrzEHSAWlYi8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nL5149FE2oIRNY6rwsBdYmY1YK5tCm0Cx_S.zw--~A

0
239 B

87ms
24ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nL5149FE2oIRNY6rwsBdYmY1YK5tCm0Cx_S.zw--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 20 Jul 2023 10:34:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nL5149FE2oIRNY6rwsBdYmY1YK5tCm0Cx_S.zw--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame EF4F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5ofBbzW5RDCVfAzSRTckIw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5ofBbzW5RDCVfAzSRTckIw

43 B
479 B

36ms
36ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5ofBbzW5RDCVfAzSRTckIw

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 10:34:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XWVPSF8BE6D1C1JA1VVR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5ofBbzW5RDCVfAzSRTckIw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame EF4F 70 B
264 B 36ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame EF4F 170 B
188 B 42ms
40ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF4F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjEwNTdkNjAyZmQ0YjlmZmRhZDBhMjgyMThhNTUyMjQyNjFjMzA4YQ

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjEwNTdkNjAyZmQ0YjlmZmRhZDBhMjgyMThhNTUyMjQyNjFjMzA4YQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 10:34:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjEwNTdkNjAyZmQ0YjlmZmRhZDBhMjgyMThhNTUyMjQyNjFjMzA4YQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.intentiq.com
URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=3b480aa7-4a8f-413c-b6de-0cd3e3b19817

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE6j07JchsAACSyTbgeqQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: a.audrte.com
URL: https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinyurl.com/	1970-01-20 23:00:09	Name: tinyUUID Value: eyJpdiI6InZiZ04vZHljczI5cjJqSVNoTW9PcVE9PSIsInZhbHVlIjoickhSOE9wN1hBT3FNY3BFNzhLRnZrcUR5VmRwS09kTmpkeEZyUU45UE1MWFNaeU5qMzVERk1MazRadUw2TkF2dWRHdjljV2oyWUlEbTZJRy9iLzB2VStwWnJGQnFET2hJdkw5cDFOM0tkTWs9IiwibWFjIjoiODg2YmZkMzk0YzZkNDZlMmNkNDM0MjIyZjU2NTdlN2I0NDJjM2JkNjkwZWIzODQ4ZjIzYWYxM2MzMzYzODU4OSIsInRhZyI6IiJ9
.tinyurl.com/	1970-01-20 23:00:09	Name: early-access Value: eyJpdiI6ImxMMTJncVpidGlrOUxhSTJ1bzBBU1E9PSIsInZhbHVlIjoiUlluTzdhRUlTT0xVbkt5Zi9uUFgyakdjNnlGK3RRbW5HSnlvNDNzbVo5UU9UVjhIdkRFcG5iU0Y2cW1HRXh0c0ZNWVNjYmdVZ0dRclFLQUVMd1BWUlh6QnorRkhzSUI0UHRrRnMwSWRocE09IiwibWFjIjoiODU1NmJmMDQyODA0ZGI4MGFkZTY2YmQ1ZTg3YWU1N2NmYTdlZWRiYmYxNGU5N2JmNGRkNzgxYWY2NjM5MzYyMiIsInRhZyI6IiJ9
.pub.network/	1970-01-20 23:00:09	Name: _fsuid Value: 68c7ee6b-6a0a-4c82-8bd2-02561eec9491
.scorecardresearch.com/	1970-01-20 22:45:45	Name: UID Value: 1367588f5e9265c603f0f171689849270
.tinyurl.com/	1970-01-20 22:09:45	Name: _hjSessionUser_2976777 Value: eyJpZCI6ImZjYjQ2ZGQ3LTcwOGUtNTJlZC05ZTA1LTUwZTNjYWVmYWM5YyIsImNyZWF0ZWQiOjE2ODk4NDkyNzA5NjIsImV4aXN0aW5nIjpmYWxzZX0=
.tinyurl.com/	1970-01-20 13:24:11	Name: _hjFirstSeen Value: 1
.tinyurl.com/	1970-01-20 13:24:09	Name: _hjIncludedInSessionSample_2976777 Value: 0
.tinyurl.com/	1970-01-20 13:24:11	Name: _hjSession_2976777 Value: eyJpZCI6ImY3NzRlY2MzLWU2OTctNGRmMy1iNDFmLWY2MWMzYjE2ZWU0YyIsImNyZWF0ZWQiOjE2ODk4NDkyNzA5NzIsImluU2FtcGxlIjpmYWxzZX0=
.tinyurl.com/	1970-01-20 13:24:11	Name: _hjAbsoluteSessionInProgress Value: 0
.tinyurl.com/	1970-01-20 23:00:09	Name: _ga Value: GA1.1.1138861471.1689849271
.tinyurl.com/	1970-01-20 23:00:09	Name: _ga_2PJZZW5GKP Value: GS1.1.1689849270.1.0.1689849271.0.0.0
.tinyurl.com/	1970-01-20 13:24:16	Name: XSRF-TOKEN Value: eyJpdiI6InpiZkdKZ0dXdFV0QldmZnVPWnRvQ2c9PSIsInZhbHVlIjoiQVd2azBLb3AyMUh2Rk1rYzVVa2drNm5UNk9DTHBBOXQrVWJqRFFPWDZDWCtZZ3RhVTc1cyt4eUZMajl2TVBPdk9vYlU4UlFiNUtzZlBMaUVzVU0xaERwTWI2eEVPODhEdjZtZzJDd3dBOVJGMUVKU0tucnBoMkNLSXhpRFV4Mi8iLCJtYWMiOiJiNmM4ZmZjNzY4MDY5YjAyYTI5NzkyNGVhZDNkNjAzMzk1MjMxZTBjOWM1NDVlOWVjNzBhOTUzNWJjMDM1YTc5IiwidGFnIjoiIn0%3D
.tinyurl.com/	1970-01-20 13:24:16	Name: tinyurl_session Value: eyJpdiI6IitnTTR1ZnVpdGhmRjliWUREUS9JNGc9PSIsInZhbHVlIjoiRGlnYllTbk9DM3BBTlB5b0JpU005dC9ZNjRPeWhNQzBMYnNGNkJZeVVuQlZQVitxMU5kVW4wUThvRnRzQU9xSHp0VXhBZ0w1OFFUSnJoTUxLemVQSTlnajVEYlBQaDdMOFhHdEk5ZUlURUxibUJML2xXWUp5OE9ZT2d2ZGhiTHUiLCJtYWMiOiJhMzk3MDNhYmYyMTFjODY4N2JjZDJjMmFhMjNhMWQ3NjYwNmRkZTUzMTRlMTg2YzRlOGYxNmUzMTU1OWM3NDYyIiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-20 23:00:09	Name: m Value: 48a3a746-237b-4e22-ae5a-d75393bf39479337c6
.tinyurl.com/	1970-01-20 22:09:45	Name: __stripe_mid Value: bbff1a0d-3325-444e-9192-1a65b5081b6c913b40
.tinyurl.com/	1970-01-20 13:24:11	Name: __stripe_sid Value: a60385fc-db83-446a-bd8e-89dfc88e15961c80b8
tinyurl.com/	1970-01-20 14:07:21	Name: _pbjs_userid_consent_data Value: 3524755945110770
tinyurl.com/	1970-01-20 22:09:45	Name: _iiq_fdata Value: %7B%22pcid%22%3A%223b480aa7-4a8f-413c-b6de-0cd3e3b19817%22%7D
.tinyurl.com/	1970-01-20 17:43:21	Name: _pubcid Value: c326274a-e3d1-4449-a46a-511dcbd58881
.openx.net/	1970-01-20 22:09:45	Name: i Value: dc82e9c4-4024-449e-902f-3040eda20c61\|1689849272
.quantserve.com/	1970-01-20 22:54:23	Name: mc Value: 64b90db8-e3b4f-9723a-fa964
.tinyurl.com/	1970-01-20 22:48:38	Name: __qca Value: P0-1155997262-1689849272777
.rubiconproject.com/	1970-01-20 22:09:45	Name: khaos Value: LKB0MJV6-1U-2PQJ
.rubiconproject.com/	1970-01-20 22:09:45	Name: audit Value: 1\|hLZGFuTafB3polwuES/U88WxZQUMNpzzGXFcqoZw1m5e4HuyQIL+Nm3h6OUCxGIOc7KPDQmaUBzz8yenK/o+f7+qrSdW8Ua3l756kl60NTMijy0RC4Zd8dAPlTu0R9RN
.openx.net/	1970-01-20 13:45:45	Name: pd Value: v2\|1689849273\|n0vNvQiygu
.adform.net/	1970-01-20 14:08:47	Name: C Value: 1
.adform.net/	1970-01-20 14:50:33	Name: uid Value: 5198634508333833405
.tinyurl.com/	1970-01-20 22:45:45	Name: __gads Value: ID=d36ccbb6b0a32cdf:T=1689849273:RT=1689849273:S=ALNI_MaWt1DUK8cC_VaPb_NQgiv8KW0wSQ
.tinyurl.com/	1970-01-20 22:45:45	Name: __gpi Value: UID=00000c6ccee08a4f:T=1689849273:RT=1689849273:S=ALNI_MabqHYb33pA5I8Ijefs4fSLXdpU8Q
.criteo.com/	1970-01-20 22:45:45	Name: uid Value: 75af5129-d4b9-4441-9b45-0251177f3239
.doubleclick.net/	1970-01-20 22:45:45	Name: IDE Value: AHWqTUkVeAIR4Nxm48yVard45rhQYPeWNom92zZx26BuUtKQAzsOCzDdLmr03E1x
.tinyurl.com/	1970-01-20 22:45:45	Name: cto_bundle Value: tykMy18xcVE2VkZzV25LZnFscWxhclVod1VJaUdRdTU2ZXh4UEpvTlI5S0JKQTVjdXUxT3VzVUp3SlYwWHVDdDBmdjY4b2tnVyUyRmRxS0RkM0JXN1ZyQlZHOGRuRTNHQlp6MTlPQnpac0pNU1RHZVElMkZLU1FoZE9jZDBLNDRIWU54Rzl1Z0lBRXBjYnJjRnAzT2wxMWYxbmt6dGN3JTNEJTNE
.doubleclick.net/	1970-01-20 17:43:21	Name: APC Value: Aa3gxNr0u0A0M6-xmykOJWCve9U-nznbLLFaPhnvQwzPhjR6Uxn2fQ
.adnxs.com/	1970-01-20 15:33:45	Name: uuid2 Value: 604812902474433476
.casalemedia.com/	1970-01-20 22:09:45	Name: CMID Value: ZLkNunR1jnFbmDiHwaz0NQAA
.casalemedia.com/	1970-01-20 15:33:45	Name: CMPS Value: 5221
.casalemedia.com/	1970-01-20 15:33:45	Name: CMPRO Value: 5221

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://tinyurl.com/app Message: Access to XMLHttpRequest at 'https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=3b480aa7-4a8f-413c-b6de-0cd3e3b19817' from origin 'https://tinyurl.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=3b480aa7-4a8f-413c-b6de-0cd3e3b19817 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://s2s.t13.io/openrtb2/auction Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://s2s.t13.io/cookie_sync Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=27071BFC-2A14-484B-A3A0-46A53B29160E&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://a.audrte.com/a?adform_uid=5198634508333833405&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49420ed130771570f134c194f20f34e8.safeframe.googlesyndication.com
a.audrte.com
a.pub.network
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.yieldmo.com
api.btloader.com
api.floors.dev
api.intentiq.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
c1.adform.net
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d.pub.network
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
js.stripe.com
lb.eu-1-id5-sync.com
log.outbrainimg.com
m.stripe.com
m.stripe.network
match.adsby.bidtheatre.com
match.adsrvr.org
mcdp-nldc1.outbrain.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
odb.outbrain.com
optimise.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
script.hotjar.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
static.hotjar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
t.adx.opera.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
tinyurl.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.audrte.com
api.intentiq.com
cm-supply-web.gammaplatform.com
dsp.adfarm1.adition.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
108.128.57.78
108.138.37.209
13.227.219.28
13.248.245.213
130.211.23.194
134.122.57.34
141.95.33.111
142.250.185.162
142.250.186.162
142.250.74.198
146.75.122.132
151.101.1.108
151.101.130.49
151.101.64.176
162.19.138.116
173.231.180.197
178.250.1.11
178.250.7.11
18.159.220.108
18.173.187.81
18.193.5.151
18.197.190.58
18.65.39.70
18.66.138.185
18.66.192.96
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
193.0.160.131
195.5.165.20
198.47.127.205
2.18.161.178
20.13.96.71
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.169
23.209.239.88
23.213.168.238
23.213.169.149
2600:9000:20c3:b400:6:44e3:f8c0:93a1
2602:803:c004:200::140
2606:4700:10::6814:8b41
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:545
2606:4700:10::ac43:1e1
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:932
2606:4700:4400::ac40:99f6
2606:4700::6812:14ce
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:803::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:fa8:8806:20::2040
2a04:4e42::485
2a05:d018:d29:3605:f284:42bf:7c5f:c715
3.33.220.150
3.71.149.231
3.75.115.20
34.102.146.192
34.102.163.6
34.107.140.113
34.111.129.221
34.111.131.239
34.111.152.239
34.120.107.143
34.160.128.112
34.160.152.31
34.240.83.116
34.96.70.87
35.186.193.173
35.190.39.111
35.204.158.49
35.214.205.40
35.244.159.8
37.157.4.25
37.252.171.149
38.133.127.31
44.228.239.46
46.51.194.233
52.222.139.35
52.31.235.128
52.54.23.208
52.95.125.22
54.187.159.182
69.173.144.139
69.173.144.165
82.145.213.8
95.101.149.233
98.98.134.241
00c55d2aca120bde08b54624243c1049508716246b16ac5860c61469aa351b10
0195742c124a3548b9a56ed673fe3e674ccac79e440eb4d5a78b91a31691d32f
04ea4bbd91e20606eb8495bd08b0da5f88d48db0b9616d8faa52f947391c4d37
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05bb7e571ad3d5da7b996ede9d119937337f7eb84723ad8967b23b4245498434
05d36e8fac80e844c56bf719b48de67795cdf451c7d56d47ca2c675a37c79272
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0af0121e6b6d73eff37384c79f65295e3903a8a2456914d54e53c115153c7afc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb4630bd42246fedfd677e82b723af1cd563d9d6203bcf3d79701128a5d5b50
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0eda13bf855220cdec6aaace454f32733f52fcac0bacb575e459b5b081ee9c52
0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb
10ab8d4b7ee18b7abfcc84952b847ec9e1a450d8f8772d8f78c3c7c73fe7b778
125bae6d5c0255748d46352540c62c2907721067fb829fdf55646824f1517590
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147c6cb56e0a7c98fea417a32fe1fa01320d5e96850315037d8ee166359f1285
16d4d5f6575d856fd06a54c7f67da63f187caa4abdf5e4a6f5cb213597318796
1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19dd174c21aa7f48a8581ddbdef32619d7e97073084f221d2edfcf3946f3fd64
1b042918b8ad7c3a54178fee1660eee0df1a6092dd5089a04d8cdd387a3dadbe
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1e6579ce3dd586da99bdd9c0ab30c88ef47f10fa1571c0a6f3f8202abab3331e
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
33c5ecb41a207f217841973b4af3b5fcbf30de6a9c76296f29963b0f3caf6058
353f0a8fc4f401620d985737f9e6946b115edc078ad9778f0b61968da6abf642
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
385ba7770813dbede2a1a8f613abbae90230c610e5131de1914e8915b6f896c4
3896fc589ac4954b51e8c867469c4ba8ff916357495e88b95e0261f7e2a4d947
38d8511edbc029729dcebd0d2d5491612ab9bb4721b1f54ab84415b35aa91558
3a3a93ff195fb60e6bffb8600751899ca4743fe21f8c4c139bb504689e13d0e1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412801cfc7c8184efcbf91b789bbb3e4c1f759e48c68690e2fd36342e3639edc
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48131ca364d005ead5a6c9b56c2b4446ad05604e31feb9dd3ea81abdbca2f5ab
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4c9b27cc205960cd9af998ae351e0391ec476767f6d15b23692020a95819ae1c
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4d758495fba4b7017aa9f3f707d3215d02171868d2a66827daaaf27f2fbdb257
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a1ca387a281c6cb8ebb0796f54c601cba5e3464311c7876020e314d1e7999e1
5ba0537308800db1df9a498d361a6901256e7a8317db01ce07fc92bc9ed2b95f
5e9a22fac024371ed667ca4ebc25daaedaebd39fbfe03ebdd60c53a45a7913c3
5e9b8c9559d010f9d9ddefc559ce2797e4c714203c8801a95d7ba4124f83c75e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638a4a197f998da8f8d0ea2e5562732c97566ef561b4f742961fb23ea72e8ea7
641f906e3373255a4a526d6468bf66a84f4bbaa7aa6d9c345c13cb7014c3b524
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b9bf0b4d8391936146f283993703c40e68aea42b067288982da74d682067a
71a102616a6362acf3800a06900c03d645bedf6a211b189691675c279792f36b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
773605e1314c59632e5f9b723d5480c1d92b7be228f2b57b4dc67471b4eb6235
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2
7ba24c4138c4c3cfe694a8fc8943b8ce21b9bfbb14edcb290b8654fcaa365d6b
7cab6bef066beaeda5c2b28bed92745944a8ff157df5e1cdd395ad92acb41111
88ba11469b80baa4fb13e19f765fd14ed5222e34ac8de4acc772706014375d79
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cad7fb7a86fe45ce88d62cdcbbc1af8e8a20e1c74a92e7076adef9dedbe5900
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4e44ecc2ef7c1fd208177141079346e80660ac69b535f9448589333383e4cd7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a9438e23e6ec52be3831cbc58d271060266b91b48d9e5d487065b1488618a854
a9ef7042414e58a4b4a6b6dc829c5b6b7a1e0153ad03a92e2043d622dd50c9bb
ac329145cc7f800c70b1cb5acddcd3f01e91a6c88e3136a2f961aefa0e00ec54
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
addadcbbd0c9de948c2f157f70983610a576b30777859528ea21ed26c6d3408c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b018fb96faaf22de5e11ed1fae7e4e6b9e0b332395b25620a5a4430e3bbd6c4f
b07723cdcf42205854164e0088697097128e5f269f8f4520b26bccc1c26c3a74
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fd0eefc61d24460a7bcdd2eb2594d4b6b60fbb2b41ffef8ff4ec24d8de73b6
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9a225cc19dac5c9747959544304eb5b4cb6c65e3ce2ccb14c3627af0ca38428
bafa6b4dd3a838e48a65f143a3a252d71321396a8fc1e9fa8d070dafd9471bea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd3c9eeaecae2f4296a20fa7551239fa82d1862d86f9e649a81630555b1fc7f3
bf638174508f47b2b586c4705fc66b49218cb620581b1f0fa6f850131296cc4f
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c108e39060d22b1d00a13bed427e1d9df226b4862bcf3c0981edbb315ba46548
c11700158b85b9f0e3db60050da284ea72c13362736d0d80a35d6c55c50f6155
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31c9350809bd2372d2514166d8497b669bca0b96e2aefdbeb7f856e982cda13
c4e9c29811d835dbf1028a11d9152dafa9515e20a4f5a5f6d8e8309a2bfa71e2
c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc
c5f4d1806f4f2601c0f896980418aa080a28adcd83fef5cbc98b7c0c37e509d5
c7fe07354bafff73a914ceefdbc958f24e875da8dd2d8aadda70baa25db9ab8f
c89b2c4e3b2a14c8cbce7de23753253297ce0ba0b0496497e63c6a1d095e6349
caa1c94be64cc27b824ff446d84cd2a2a40ee6a7dc5bab33faa3b41595732d76
cd239f81b8d4226d924836a33c09c459d94cdde346b0b8be8ed3bf734ad28eea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2e9b9928610c087592b74ac222151ee41ee3231c790dd820822f7c40a193a75
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db6dce461896e636d07bd993d1a1ac3efd0041b0f427f8bfd4ce9e904ed3e6
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e684e3bdd0b48d1a7bf9cfc11024cdb3ccbed72899fd39c3f7976a4c1c84bd70
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e856e002a9c4085ebf51e8bce596dd8ff80b1d716c33c5bf3ab20551c1831307
e886175120629c7c9787dbdffe2ace753479a268b01b8ed82139db31df357013
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
ebfbd5089ed8397da1a71acdb83bc87bf8498e0a83d28ddda27b2196d0bcf4b9
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01ab609473a42c98897200b2331d03ea50b4ec0aa58f373ee62372d6563223a
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f29c683753e467eae157a27cccc8b998913df80a8ecf690f2df7fde0aa6ec2d4
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
faa7e1cc212a742411ba13147380952ee251fad3e629dd70b0cd5adc450f1d33

tinyurl.com Open in urlscan Pro 2606:4700:10::ac43:1e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

87 %HTTPS

31 %IPv6

75 Domains

117 Subdomains

92 IPs

8 Countries

4688 kBTransfer

11809 kBSize

37 Cookies

2 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tinyurl.com Open in urlscan Pro
2606:4700:10::ac43:1e1 Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

87 %
HTTPS

31 %
IPv6

75
Domains

117
Subdomains

92
IPs

8
Countries

4688 kB
Transfer

11809 kB
Size

37
Cookies

245 HTTP transactions
2 data transactions