urlscan.io logo urlscan.io
SecurityTrails logo

tinyurl.com Open in urlscan Pro
2606:4700:10::ac43:1e1  Public Scan

Go To Rescan Add Verdict Report
URL: https://tinyurl.com/2p9bpte
Submission: On December 14 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 5 countries across 61 domains to perform 295 HTTP transactions. The main IP is 2606:4700:10::ac43:1e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is tinyurl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.
This is the only time tinyurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.63.71 16509 (AMAZON-02)
2 2a03:2880:f04... 32934 (FACEBOOK)
2 2607:f8b0:402... 15169 (GOOGLE)
10 18.214.233.191 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 151.101.129.194 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 142.250.65.162 15169 (GOOGLE)
1 142.250.65.198 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 130.211.23.194 15169 (GOOGLE)
2 2a03:2880:f14... 32934 (FACEBOOK)
4 52.206.10.65 14618 (AMAZON-AES)
1 18.205.165.43 14618 (AMAZON-AES)
2 69.166.1.14 27630 (AS-XFERNET)
6 44.193.114.165 14618 (AMAZON-AES)
2 34.149.20.76 15169 (GOOGLE)
4 20 68.67.179.77 29990 (ASN-APPNEX)
20 104.16.190.66 13335 (CLOUDFLAR...)
4 3.230.217.116 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.65.108 54113 (FASTLY)
26 23.52.167.93 16625 (AKAMAI-AS)
1 23.50.53.184 20940 (AKAMAI-ASN1)
4 96.6.25.130 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
4 68.67.161.207 29990 (ASN-APPNEX)
4 2607:f8b0:400... 15169 (GOOGLE)
6 54.230.162.104 16509 (AMAZON-02)
3 54.236.221.120 14618 (AMAZON-AES)
2 28 52.223.22.214 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
3 9 2620:1ec:c11:... 8068 (MICROSOFT...)
2 54.230.162.99 16509 (AMAZON-02)
2 8 104.76.104.25 16625 (AKAMAI-AS)
7 2620:100:a001::4 19750 (AS-CRITEO)
1 74.119.119.147 19750 (AS-CRITEO)
4 2607:f8b0:400... 15169 (GOOGLE)
1 74.119.119.137 19750 (AS-CRITEO)
2 74.119.119.149 19750 (AS-CRITEO)
12 18.206.84.172 14618 (AMAZON-AES)
2 2a02:2638:1::13 44788 (ASN-CRITE...)
4 4 199.38.167.129 54312 (ROCKETFUEL)
3 6 178.162.133.149 60781 (LEASEWEB-...)
10 10 2606:ae80:147... 25751 (VALUECLICK)
6 9 142.250.81.226 15169 (GOOGLE)
4 4 54.227.68.116 14618 (AMAZON-AES)
2 2 74.119.119.150 19750 (AS-CRITEO)
12 12 35.211.178.172 15169 (GOOGLE)
7 7 74.121.140.14 30419 (MEDIAMATH...)
6 6 64.202.112.127 23352 (SERVERCEN...)
3 3 23.209.184.224 16625 (AKAMAI-AS)
4 4 35.207.24.140 15169 (GOOGLE)
12 12 35.71.131.137 16509 (AMAZON-02)
5 7 54.175.87.114 14618 (AMAZON-AES)
3 3 2620:112:f000... 6336 (TURN-US-ASN)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 23.50.53.187 20940 (AKAMAI-ASN1)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
2 2 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 204.62.13.72 46636 (NATCOWEB)
1 2 209.54.180.3 16509 (AMAZON-02)
4 151.101.129.108 54113 (FASTLY)
13 13 67.202.105.22 32748 (STEADFAST)
2 4 67.202.105.34 32748 (STEADFAST)
2 3 198.148.27.139 19189 (PULSEPOINT)
1 1 146.20.128.142 27357 (RACKSPACE)
1 2 54.208.200.8 14618 (AMAZON-AES)
2 3 107.178.246.49 15169 (GOOGLE)
4 5 151.101.66.49 54113 (FASTLY)
2 68.67.160.76 29990 (ASN-APPNEX)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
2 2 34.232.192.29 14618 (AMAZON-AES)
2 2 52.203.189.165 14618 (AMAZON-AES)
2 2 207.198.113.179 13768 (COGECO-PEER1)
2 34.75.235.219 396982 (GOOGLE-PR...)
1 1 34.200.159.147 14618 (AMAZON-AES)
1 1 54.87.192.123 14618 (AMAZON-AES)
2 2 104.105.42.146 16625 (AKAMAI-AS)
4 23.64.109.237 16625 (AKAMAI-AS)
2 2 52.200.139.202 14618 (AMAZON-AES)
1 1 34.198.25.129 14618 (AMAZON-AES)
11 34.117.239.71 15169 (GOOGLE)
6 12 69.173.151.100 26667 (RUBICONPR...)
1 35.190.60.146 15169 (GOOGLE)
1 2001:4998:14:... 14777 (YAHOO)
295 74
5    2606:4700:10::ac43:1e1 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.225.63.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-71.ewr53.r.cloudfront.net
tags-cdn.deployads.com
2    2a03:2880:f041:11:face:b00c:0:3 (Denver, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    18.214.233.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-233-191.compute-1.amazonaws.com
e.deployads.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.250.65.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2a03:2880:f141:82:face:b00c:0:25de (Denver, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    52.206.10.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-10-65.compute-1.amazonaws.com
tlx.3lift.com
1    18.205.165.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-165-43.compute-1.amazonaws.com
ads.yieldmo.com
2    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    44.193.114.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-114-165.compute-1.amazonaws.com
c.deployads.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
20    68.67.179.77 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
20    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
4    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
1    2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
2    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
5    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
26    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
contextual.media.net
hbx.media.net
c21lg-d.media.net
1    23.50.53.184 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-53-184.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    96.6.25.130 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-25-130.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
4    68.67.161.207 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
4    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    54.230.162.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-104.ewr53.r.cloudfront.net
ib.3lift.com
3    54.236.221.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-221-120.compute-1.amazonaws.com
protected-by.clarium.io
28    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    2620:100:a001::12 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
9    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bing.com
c.bing.com
2    54.230.162.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-99.ewr53.r.cloudfront.net
img.3lift.com
8    104.76.104.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-104-25.deploy.static.akamaitechnologies.com
hblg.media.net
cs.media.net
7    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
4    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
2    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
12    18.206.84.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-84-172.compute-1.amazonaws.com
s.update.3lift.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
10    2606:ae80:1471:16::730 (United States)

ASN25751 (VALUECLICK, US)
medianet-match.dotomi.com
districtm-match.dotomi.com
33across-match.dotomi.com
9    142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
cm.g.doubleclick.net
4    54.227.68.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-68-116.compute-1.amazonaws.com
pm.w55c.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
12    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
7    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
stags.bluekai.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
3    2620:112:f000:bbbb::11 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
4    2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.50.53.187 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-53-187.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    2600:1f18:4e9:5a05:915b:1f70:c370:1ea5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
13    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    146.20.128.142 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    54.208.200.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-200-8.compute-1.amazonaws.com
sync.bfmio.com
3    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
2    34.232.192.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-192-29.compute-1.amazonaws.com
match.prod.bidr.io
2    52.203.189.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-189-165.compute-1.amazonaws.com
pixel.advertising.com
2    207.198.113.179 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.75.235.219 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 219.235.75.34.bc.googleusercontent.com
dmx.us-east-32.districtm.io
1    34.200.159.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-159-147.compute-1.amazonaws.com
match.sharethrough.com
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.64.109.237 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-109-237.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.200.139.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-139-202.compute-1.amazonaws.com
t.pswec.com
1    34.198.25.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-25-129.compute-1.amazonaws.com
cms-xch.33across.com
11    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
12    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
1    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
1    2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
Apex Domain
Subdomains		 Transfer
52 3lift.com
tlx.3lift.com
ib.3lift.com
eb2.3lift.com
img.3lift.com
s.update.3lift.com
253 KB
38 media.net
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
240 KB
31 adnxs.com
ib.adnxs.com
cdn.adnxs.com
nym1-ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
108 KB
27 33across.com
ssc.33across.com
ssc-cms.33across.com
cms-xch.33across.com
cms-xch-chicago.33across.com
9 KB
24 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
183 KB
22 districtm.io
dmx.districtm.io
cdn.districtm.io
dmx.us-east-32.districtm.io
9 KB
18 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
29 KB
17 deployads.com
tags-cdn.deployads.com
e.deployads.com
c.deployads.com
184 KB
14 googlesyndication.com
pagead2.googlesyndication.com
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
tpc.googlesyndication.com
55 KB
14 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
6 KB
12 adsrvr.org
match.adsrvr.org
6 KB
12 bidswitch.net
x.bidswitch.net
7 KB
10 dotomi.com
medianet-match.dotomi.com
districtm-match.dotomi.com
33across-match.dotomi.com
3 KB
10 criteo.net
static.criteo.net
pix.us.criteo.net
csm.us.criteo.net
33 KB
9 bing.com
www.bing.com
c.bing.com
14 KB
8 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
9 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 criteo.com
rtb.va.us.criteo.com
ads.us.criteo.com
cat.va.us.criteo.com
gum.criteo.com
dis.criteo.com
39 KB
6 zemanta.com
b1sync.zemanta.com
4 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
36 KB
5 tinyurl.com
tinyurl.com
25 KB
4 tynt.com
de.tynt.com
5 KB
4 gstatic.com
fonts.gstatic.com
64 KB
4 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
4 w55c.net
pm.w55c.net
3 KB
4 rfihub.com
p.rfihub.com
3 KB
4 googletagservices.com
www.googletagservices.com
147 KB
3 tapad.com
pixel.tapad.com
1 KB
3 contextweb.com
bh.contextweb.com
2 KB
3 turn.com
ad.turn.com
1 KB
3 bluekai.com
stags.bluekai.com
3 KB
3 clarium.io
protected-by.clarium.io
1019 B
3 google.com
adservice.google.com
www.google.com
2 KB
2 pswec.com
t.pswec.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
808 B
2 advertising.com
pixel.advertising.com
677 B
2 bidr.io
match.prod.bidr.io
990 B
2 creativecdn.com
us.creativecdn.com
697 B
2 bfmio.com
sync.bfmio.com
598 B
2 amazon-adsystem.com
s.amazon-adsystem.com
858 B
2 adsymptotic.com
p.adsymptotic.com
552 B
2 linkedin.com
px.ads.linkedin.com
1 KB
2 clean.gg
i.clean.gg
15 B
2 akamaihd.net
qsearch-a.akamaihd.net
res-a.akamaihd.net
29 KB
2 google.ca
adservice.google.ca
914 B
2 facebook.com
www.facebook.com
498 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
72 KB
2 btloader.com
btloader.com
api.btloader.com
9 KB
2 facebook.net
connect.facebook.net
113 KB
1 rlcdn.com
id.rlcdn.com
450 B
1 stackadapt.com
sync.srv.stackadapt.com
577 B
1 sharethrough.com
match.sharethrough.com
221 B
1 lkqd.net
cs.lkqd.net
491 B
1 admixer.net
inv-nets.admixer.net
586 B
1 clientgear.com
event.clientgear.com
262 B
1 adnxs-simple.com
acdn.adnxs-simple.com
39 KB
1 yieldmo.com
ads.yieldmo.com
353 B
1 ad-delivery.net
ad-delivery.net
941 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
0 quantserve.com Failed
pixel.quantserve.com Failed
295 61
Domain Requested by
28 eb2.3lift.com 2 redirects tinyurl.com
eb2.3lift.com
22 contextual.media.net tinyurl.com
contextual.media.net
20 ib.adnxs.com 4 redirects tinyurl.com
eb2.3lift.com
acdn.adnxs.com
16 dmx.districtm.io tinyurl.com
cdn.districtm.io
13 ssc-cms.33across.com 13 redirects
12 match.adsrvr.org 12 redirects
12 x.bidswitch.net 12 redirects
12 s.update.3lift.com ib.3lift.com
s.update.3lift.com
tinyurl.com
12 securepubads.g.doubleclick.net tags-cdn.deployads.com
securepubads.g.doubleclick.net
tinyurl.com
acdn.adnxs-simple.com
www.googletagservices.com
11 cms-xch-chicago.33across.com de.tynt.com
eus.rubiconproject.com
10 e.deployads.com tags-cdn.deployads.com
9 cm.g.doubleclick.net 6 redirects eb2.3lift.com
eus.rubiconproject.com
8 www.bing.com 3 redirects tinyurl.com
7 ups.analytics.yahoo.com 5 redirects contextual.media.net
7 sync.mathtag.com 7 redirects
7 static.criteo.net ads.us.criteo.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
acdn.adnxs-simple.com
6 token.rubiconproject.com 4 redirects eus.rubiconproject.com
6 b1sync.zemanta.com 6 redirects
6 cs.media.net 2 redirects contextual.media.net
6 sync.go.sonobi.com 3 redirects
6 ib.3lift.com tinyurl.com
ib.3lift.com
6 c.deployads.com tinyurl.com
5 sync-tm.everesttech.net 4 redirects eb2.3lift.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
5 tinyurl.com tinyurl.com
ajax.googleapis.com
4 pixel.rubiconproject.com eus.rubiconproject.com
4 33across-match.dotomi.com 4 redirects
4 eus.rubiconproject.com de.tynt.com
eus.rubiconproject.com
4 de.tynt.com 2 redirects tinyurl.com
4 acdn.adnxs.com tinyurl.com
4 cdn.districtm.io tinyurl.com
cdn.districtm.io
4 fonts.gstatic.com fonts.googleapis.com
4 rtb.mfadsrvr.com 4 redirects
4 pm.w55c.net 4 redirects
4 medianet-match.dotomi.com 4 redirects
4 p.rfihub.com 4 redirects
4 fonts.googleapis.com tinyurl.com
4 www.googletagservices.com securepubads.g.doubleclick.net
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
4 nym1-ib.adnxs.com tinyurl.com
acdn.adnxs-simple.com
cdn.adnxs.com
4 c2shb.ssp.yahoo.com tinyurl.com
4 tlx.3lift.com tinyurl.com
3 pixel.tapad.com 2 redirects
3 bh.contextweb.com 2 redirects
3 ad.turn.com 3 redirects
3 stags.bluekai.com 3 redirects
3 lg3.media.net tinyurl.com
3 protected-by.clarium.io tinyurl.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 t.pswec.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 dmx.us-east-32.districtm.io
2 districtm-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pixel.advertising.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 us.creativecdn.com 2 redirects
2 secure.adnxs.com acdn.adnxs.com
2 sync.bfmio.com 1 redirects
2 c21lg-d.media.net contextual.media.net
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 dis.criteo.com 2 redirects
2 gum.criteo.com contextual.media.net
2 hbx.media.net contextual.media.net
2 csm.us.criteo.net ads.us.criteo.com
2 hblg.media.net tinyurl.com
2 img.3lift.com tinyurl.com
ib.3lift.com
2 i.clean.gg acdn.adnxs-simple.com
2 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.ca securepubads.g.doubleclick.net
2 ssc.33across.com tinyurl.com
2 apex.go.sonobi.com tinyurl.com
2 www.facebook.com tinyurl.com
2 confiant-integrations.global.ssl.fastly.net tags-cdn.deployads.com
confiant-integrations.global.ssl.fastly.net
2 stats.g.doubleclick.net tinyurl.com
2 connect.facebook.net tinyurl.com
connect.facebook.net
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 cms-xch.33across.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cs.lkqd.net 1 redirects
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 res-a.akamaihd.net tinyurl.com
1 event.clientgear.com 1 redirects
1 pix.us.criteo.net ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 ads.us.criteo.com 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
1 rtb.va.us.criteo.com tinyurl.com
1 cdn.adnxs.com tinyurl.com
1 warp.media.net tinyurl.com
1 qsearch-a.akamaihd.net tinyurl.com
1 acdn.adnxs-simple.com tinyurl.com
1 www.google.com tpc.googlesyndication.com
1 ads.yieldmo.com tinyurl.com
1 api.btloader.com btloader.com
1 ad-delivery.net tinyurl.com
1 ad.doubleclick.net tinyurl.com
1 cdn.jsdelivr.net tinyurl.com
1 btloader.com tags-cdn.deployads.com
1 tags-cdn.deployads.com tinyurl.com
1 ajax.googleapis.com tinyurl.com
0 pixel.quantserve.com Failed de.tynt.com
295 108

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.deployads.com
Amazon		 2021-06-03 -
2022-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-22 -
2021-12-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.yieldmo.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.google.ca
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
i.clean.gg
GTS CA 1D4		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-09 -
2022-02-06		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-28		 3 months crt.sh
update.3lift.com
R3		 2021-11-04 -
2022-02-02		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 28 frames:

Primary Page: https://tinyurl.com/2p9bpte
Frame ID: 90413E69E4BA5CCD8E56B4D662FB4E65
Requests: 81 HTTP requests in this frame

Frame: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8881BE2CB222533A1F3419597B9FA811
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC3E2F7DFF7BCD9010DFE6D362D8F6BC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35E0EC78F21B8F1106123FDAB02C7BC5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF7X3qCFoZCyHpyeWAIvY3KnL1oLubb3FMlyKlcgb_0jVNLyVCqlm6zTHhJTIaatyyQIuhb1kK1Wj36vQVjc__wMxpCulc0Sm7vemT6byYoy7U5B6_WEVKxSd4k5_DmVWev0fwFlKCkNnyqbU6jk0dMppkHt9DLqV_S96gyTjVt3D5qHHa8HBVDHukhBg0sFmp_EQ7M2uhvnMkwhjXwSRHLxZmR-1RKZlEASv70uXqeSKbRolQe1fjf7GGDk90tazFlXk5jKrUeai_svrAtJIfgYWLySgKHLJmxvhyBOKBdJ-RD_WP-bWoJhmPC4EnlvJ7&sai=AMfl-YRcAW1T2_wGCn-RZfpIYypIv0YBEEi-ZNtTmP-KmFk6mKY8TKig7EU1ApIcjjm6n0-LkxgN3BMW2WFHukidf6I3J_BoTlV9-QEI_ICEXkvo0jntlJBVKz2AKUKRJo8&sig=Cg0ArKJSzN4nxuSDyi1KEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B7B3A966FBC7CB6BD7DC56118188CAD4
Requests: 21 HTTP requests in this frame

Frame: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E776218954872D6F4FB95C69FD6F5A4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWR7RIrye12NucO6LJEccGZ_-y0oQOr3K41jHpYc6JTTJcjLvuwDNLRbw9_AxsP-iRxXzTpQhcPVWOK_NQWZ6BB-xfGlhlNcHiLNs5MWQwhcYuzIKzk_2Ukcf8dbIJeqbfZec49Brs7KSZ7n3sPzgcjFg5fvZl5YieYf6CitzrPoYHKhDDRoe62NEXVXE2jclrbI3npYjLBi3mUwzxfLn3H4DcfnqAcdGyqk56P3uZQTrXBhTpkstjhwv19Xcd8w7bcBC1KtX2zE7KiV7sckCRAS_TNRBe9xnu3r0VyLxOuHnvrzz7FRcxHYniEQ3nmg&sai=AMfl-YQ49jdk5HU3hDBGcmhiFAR4Q_V56L8TD7JDsfZqJQRX0WiYEMhnJMjJoA6gfbf1mUuTOdvDPEMjN221YEQMA1QpDWE1hjuuP6Eh7-g44Z8S5dAb8vrbBDsEabQwLxs&sig=Cg0ArKJSzFtpmHz9jFSSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 80DE751B6024AAF2BE9E3E695CE13248
Requests: 16 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Frame ID: CCF861AA9D236B65A400A2E0429FCCE0
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMCGh7up_FMCXm2ugRHLwQeVyOrXhTB77_LCWQK-WsiCot6GP5XNRrLGsO_xhZlT4x9_en4avwf-dAOy-olbhtdtWRPex5cQiaEVHUHesCTYy1IaMDjz5Hafbzdy_YLELQ5tjzfQ6LlKJBfHeY6-y4YTdKfMJvu6VTy5KGMPcqRRHiYI3DkY8hnulBkA5Kir2KiVHgzbwegG-RbZkDNqN6yCuxrpEgoWjgPYrLZWi3F4qZ8X1y0LuQkJOnALbvwAs5RPIihkd5XpEHAXNzBPF8R-VVLJBtASpX0EVYk5PXbCT2MnnyCo44f1OEwQRyC_s&sai=AMfl-YQrMywf3TSnb0jmUm4fmq3yE9IRUrkUhkbUa_QksiZGrPlqn1sDJo3G8o4pssD6TtjVBSc6_h0PGHYLla7UULYASslBo9spsbSlkcUAmbEy9Xg78Q84AiUlsAzDJvWU&sig=Cg0ArKJSzLoGCC4Ey9ZCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 77BE15C6C244E787C23C677D3BA6CC21
Requests: 30 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 11DE8AEED1F198EBC1F3E1C5C06FA917
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 8AD5735AC655F8C7DDDE1CA32A605CFB
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Frame ID: 6108507A8788CDBAE8A14005BDD7AEC7
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188272824582187395889000V10&ovsid=2810316550491447782
Frame ID: 5FFBC8B0873713316E6E5453E1668D8D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188552824582187395889000V10&ovsid=2809753601077611738
Frame ID: 7BFDAA88A3E89D84C37221B8DD23FA96
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 39342975C9225C074042A9B1BC4F9F27
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 30DB2C082062DA18976E4200B2932CE5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 2E2C19B35FF0E1F765D64E3691D8DEE2
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A747238B1501DEE4F7E92C94B9ABBAA5
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: E68E33F9198180E0558A91EA2DC111E3
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: B31005EA3D84501FCF7B3A6633E5224E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B27F783B8A544DCCA340F0D6C6005B2D
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1BD9B05AA40D4D3BABF70948496BDD1A
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 87D976F0E5BAEFF9C604BA55ADDD8871
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 882B031CBCF0B6FBC93E7A7769959DC6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F24DF7A9068EB6E89759273948F3AB4B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 98085F1D2CE1C1A726EDABF566595951
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: AD407D8AF63F102692C8ECE296BBA5B3
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: AC40A3FB480F2B7BEB76941D6AD67EBB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TinyURL.com - shorten that long URL into a tiny URL

Page Statistics

295
Requests

72 %
HTTPS

29 %
IPv6

61
Domains

108
Subdomains

74
IPs

5
Countries

1694 kB
Transfer

4424 kB
Size

116
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=376360&auId=2d9b6528-dba8-48ce-9d84-f7c38efda658&publisherName=gevcyryvsg&rId=e00188b2-4280-47f5-b716-b859018880c9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D7b6d59bd91684e8291689f1540536581%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=75573&trafficGroup=gevcyryvsg_tybony_nqhavg&trafficSubGroup=ego&aid=143327697936593422563&wp=0.488 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7b6d59bd91684e8291689f1540536581&SNR=1&GV=2&med=10
Request Chain 107
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=376360&auId=1a8b1e83-a622-46d5-8c12-9c069c28650b&publisherName=gevcyryvsg&rId=83243ca6-fb7f-4880-a715-ffb40c6022fd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_2-1-0%3F%26RG%3D20b570b18664483e866f0bf1b6937c35%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=75573&trafficGroup=gevcyryvsg_tybony_nqhavg&trafficSubGroup=ego_pbageby&aid=45686878758139536281&wp=0.482 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=20b570b18664483e866f0bf1b6937c35&SNR=1&GV=2&med=10
Request Chain 135
  • https://eb2.3lift.com/sync?max=10&cb=88942 HTTP 302
  • https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Request Chain 138
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Drkt%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188272824582187395889000V10&ovsid=2810316550491447782
Request Chain 139
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188272824582187395889000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188272824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
Request Chain 140
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dcon%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=49f84f55d46908e8&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dcon%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188272824582187395889000V10&ovsid=AAADKa-SkJ8pZANBrjFkAAAAAAA&expiration=1639543019&is_secure=true
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjgyNDU4MjE4NzM5NTg4OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
Request Chain 142
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188272824582187395889000V10&ovsid=HyyWwnso1MWZyG5
Request Chain 143
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2d94122b-0a30-49de-8be6-cd19db962651
Request Chain 144
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129&expires=30&ssp=medianet&bsw_param=30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 145
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dzem%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=b9_GHIvsEWnZZvHyr0TL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJQEZSXQY3IMFXGOZJ5NVSWI2LBNZSXIJTPOZZWSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDAVCMEZZGKZSVOJWD2JTUPFYGKPL2MVWSM5TJMQ6TSNBVGY3DCOBYGI3TEOBSGQ2TQMRRHA3TGOJVHA4DSMBQGBLDCMBGOZZWSZB5GI4DENBVHAZDCOBXGM4TKOBYHEYDAMCWGEYA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJQEZSXQY3IMFXGOZJ5NVSWI2LBNZSXIJTPOZZWSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDAVCMEZZGKZSVOJWD2JTUPFYGKPL2MVWSM5TJMQ6TSNBVGY3DCOBYGI3TEOBSGQ2TQMRRHA3TGOJVHA4DSMBQGBLDCMBGOZZWSZB5GI4DENBVHAZDCOBXGM4TKOBYHEYDAMCWGEYA HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188272824582187395889000V10&vsid=2824582187395889000V10
Request Chain 146
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2824582187395889000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2824582187395889000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
Request Chain 147
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Request Chain 148
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
Request Chain 149
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Damb%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188272824582187395889000V10&ovsid=8209823937443231387
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjgyNDU4MjE4NzM5NTg4OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
Request Chain 153
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Drkt%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188552824582187395889000V10&ovsid=2809753601077611738
Request Chain 154
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5b5a0af2-ec76-465e-b5ab-f0c5e6e56d9b
Request Chain 155
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=30d8b910-c16a-4918-883e-092941626810 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd45977f2-fade-4cc6-bcfc-dc65549e2b04&expires=7&user_group=5&ssp=medianet&bsw_param=30d8b910-c16a-4918-883e-092941626810 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 156
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2824582187395889000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2824582187395889000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
Request Chain 157
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Request Chain 158
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
Request Chain 159
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188552824582187395889000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188552824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
Request Chain 160
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dcon%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=1497d9aa67fb08ea&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dcon%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188552824582187395889000V10&ovsid=AAADKmV4rrq8UgMKwPs3AAAAAAA&expiration=1639543019&is_secure=true
Request Chain 161
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188552824582187395889000V10&ovsid=HyyWwnso1MWZyG5
Request Chain 162
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dzem%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=b9_GHIvsEWnZZvHyr0TL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJQEZSXQY3IMFXGOZJ5NVSWI2LBNZSXIJTPOZZWSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDAVCMEZZGKZSVOJWD2JTUPFYGKPL2MVWSM5TJMQ6TSNBVGY3DCOBYGU2TEOBSGQ2TQMRRHA3TGOJVHA4DSMBQGBLDCMBGOZZWSZB5GI4DENBVHAZDCOBXGM4TKOBYHEYDAMCWGEYA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJQEZSXQY3IMFXGOZJ5NVSWI2LBNZSXIJTPOZZWSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDAVCMEZZGKZSVOJWD2JTUPFYGKPL2MVWSM5TJMQ6TSNBVGY3DCOBYGU2TEOBSGQ2TQMRRHA3TGOJVHA4DSMBQGBLDCMBGOZZWSZB5GI4DENBVHAZDCOBXGM4TKOBYHEYDAMCWGEYA HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188552824582187395889000V10&vsid=2824582187395889000V10
Request Chain 163
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Damb%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188552824582187395889000V10&ovsid=8281881531481159323
Request Chain 173
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&dongle=0cfd
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP5EaYuZW0Crxd2w3GjOWlU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 175
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3Mjg0MTk4MDI4MDgyMzMwODk%3D
Request Chain 176
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13728419802808233089&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13728419802808233089&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8b0f785-c85b-4864-98fd-2c1a38609d56&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8b0f785-c85b-4864-98fd-2c1a38609d56&_noobservation=1&_expected_cookie=f323cce023f312260dcef8a19761fb67
Request Chain 177
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13728419802808233089?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-USCDuFVE2oQu0f4l04NTnwlj37wxRxzUtyyD2izX3w--~A&dongle=0883
Request Chain 178
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=13728419802808233089&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D30d8b910-c16a-4918-883e-092941626810%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ad9139607a884a04b5496166466b29c8&ssp=triplelift&bsw_param=30d8b910-c16a-4918-883e-092941626810&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=30d8b910-c16a-4918-883e-092941626810&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 180
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=13728419802808233089 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13728419802808233089&dcc=t
Request Chain 181
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=b9_GHIvsEWnZZvHyr0TL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDAVCM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDAVCM HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=b9_GHIvsEWnZZvHyr0TL
Request Chain 182
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3021677166712419995&dongle=d407
Request Chain 203
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=376360&auId=1a8b1e83-a622-46d5-8c12-9c069c28650b&publisherName=gevcyryvsg&rId=83243ca6-fb7f-4880-a715-ffb40c6022fd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26tids%3D2%26rg%3D20b570b18664483e866f0bf1b6937c35%26reqver%3D1.0%26med%3D10&rtype=mvFeedbackURL&tagId=75573&trafficGroup=gevcyryvsg_tybony_nqhavg&trafficSubGroup=ego_pbageby&aid=45686878758139536281&wp=0.3193 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&tids=2&rg=20b570b18664483e866f0bf1b6937c35&reqver=1.0&med=10
Request Chain 211
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 212
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 219
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=aa4c0f8f-82b0-4ac3-939c-236fb5788301&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ekNJdTVfc2JNcHhfM3R0cUtTN1h4Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMtwG6dYEuTDFUS62_qMnMY&google_cver=1
Request Chain 220
  • https://ups.analytics.yahoo.com/ups/58423/occ HTTP 302
  • https://c.deployads.com/cs/VRZN?b=y-NtUjkt9E2uECDC8FAbnSc43jLRmi7ZPCjxeB6qE-~A
Request Chain 221
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9cd361b8-1f6b-4b00-8261-cada33dbe129
Request Chain 222
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316550491447782
Request Chain 223
  • https://cs.lkqd.net/cs?partnerId=615&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24userId%24%24 HTTP 302
  • https://c.deployads.com/cs/NXST?b=BKiqwpyM4tY
Request Chain 224
  • https://sync.bfmio.com/syncb?pid=126 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Request Chain 225
  • https://bh.contextweb.com/bh/rtset?pid=562041&ev=1&rurl=https%3A%2F%2Fc.deployads.com%2Fcs%2FPULS%3Fb%3D%%VGUID%% HTTP 302
  • https://c.deployads.com/cs/PULS?b=xmn300wy4v3U&ev=1&pid=562041
Request Chain 226
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=30d8b910-c16a-4918-883e-092941626810&google_hm=MzBkOGI5MTAtYzE2YS00OTE4LTg4M2UtMDkyOTQxNjI2ODEw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHWWfaOS1ygR1j5OjPZANBs&google_cver=1&ssp=sonobi&bsw_param=30d8b910-c16a-4918-883e-092941626810 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=30d8b910-c16a-4918-883e-092941626810
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&pubid=fb9580c293 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=aa4c0f8f-82b0-4ac3-939c-236fb5788301 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=aa4c0f8f-82b0-4ac3-939c-236fb5788301 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b5d82f98-25b9-48f9-873c-c39fe4f25fc9%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&ttd_puid=b5d82f98-25b9-48f9-873c-c39fe4f25fc9%2C
Request Chain 228
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
  • https://c.deployads.com/cs/TTD?b=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 232
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=&_test=YbgfbAALwzJNKwAz
Request Chain 233
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 236
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 237
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=&_test=YbgfbAALz1OhPgBR HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YbgfbAALz1OhPgBR&dongle=3c0a&gdpr=0&gdpr_consent=&_test=YbgfbAALz1OhPgBR
Request Chain 238
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 241
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 246
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 253
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
  • https://dmx.districtm.io/s/10027/CtDbcFdbhSFDgOKjlWgS?pi=districtm&tc=1
Request Chain 254
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://dmx.districtm.io/s/10057/y-brLwUG1E2uF6TLPwYyFFMV7.E.jaZZOhJ1z37dY-~A
Request Chain 255
  • https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
  • https://dmx.districtm.io/s/10025/AAB7SU7DcD8AAD5PSBslxw
Request Chain 256
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7ab768d9-5c97-11ec-8252-0253bd5a5729 HTTP 302
  • https://dmx.districtm.io/s/10051/y-h9V5uhdE2uFj7ppUXG4bOfTjp56xc8zU~A~UP7ab768d9-5c97-11ec-8252-0253bd5a5729
Request Chain 257
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/2810316550491447782
Request Chain 258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/6dc4aabf-826c-47c3-b6d7-d56b99bf9d67-61b81f6c-4341
Request Chain 259
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&rurl=//dmx.us-east-32.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=4821a94dd97908e8&is_secure=true&version=1&networkId=33921&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&rurl=%2F%2Fdmx.us-east-32.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-32.districtm.io/s/10007/AAADKsBrwcH1xANxsMY1AAAAAAA&expiration=1639543020&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&is_secure=true
Request Chain 260
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-32.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://dmx.us-east-32.districtm.io/s/10016/YbgfbAALz1OhPgBR
Request Chain 261
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/35ad89d8-ce14-45e9-8171-2164b851acd7
Request Chain 262
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/tkQ4328DRjdIYHBG6veiWiV4zaY
Request Chain 263
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=30d8b910-c16a-4918-883e-092941626810 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=30d8b910-c16a-4918-883e-092941626810 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=73b9c17e-5785-45e4-8572-595dc76bd133&expires=3&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D30d8b910-c16a-4918-883e-092941626810 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=30d8b910-c16a-4918-883e-092941626810 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=30d8b910-c16a-4918-883e-092941626810
Request Chain 265
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1639456620950.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
Request Chain 266
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 267
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=64a3e63321508e7&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKa-SkJ8pywN84dbwAAAAAAA&expiration=1639543021&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKa-SkJ8pywN84dbwAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 268
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1642048620%26external_user_id%3Dce4b65da-35ba-4eda-ade8-b4b4d7bda1ab HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Request Chain 269
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4e6dc337e06308ea&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKmV4rrq8uQMnQwCHAAAAAAA&expiration=1639543021&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKmV4rrq8uQMnQwCHAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 273
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1642048620%26external_user_id%3Dce4b65da-35ba-4eda-ade8-b4b4d7bda1ab HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Request Chain 274
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1639456620949.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
Request Chain 283
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KX5M552T-Y-ILQ7 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 284
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KX5M552T-Y-ILQ7 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 285
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1TTU1MlQtWS1JTFE3
Request Chain 286
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FyQLi9yuztbnH8jL2C-tHw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3179372288796980115
Request Chain 287
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd361b8-1f6b-4b00-8261-cada33dbe129&expires=28
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAm0nGodk6o-aRJwPztt4uc&google_cver=1
Request Chain 290
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&gdpr=0&gdpr_consent=&expires=30
Request Chain 291
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX5M552T-Y-ILQ7&sigv=1&esig=2~00dd1b329e96012236963217252c366ec53c3d84
Request Chain 292
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzRkOWFjYzc2N2E2MmUwMDNhNWE2YTIxZDk4YmYyYTY5YWEwNjdjZg

295 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2p9bpte
tinyurl.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
acef084c3bf3279537e37a0b2c70b716a4a13473cd833e5f1441d267ca6e3c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 14 Dec 2021 04:36:56 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.26
cache-control
must-revalidate, no-cache, no-store, private
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bd4bbeb49c2ece6-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
legacy.css
tinyurl.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/css/legacy.css
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8cba0a196d49f8d22dd25f99b3c2fd4a112a52f1f93f38dc603212c9ed87629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/2p9bpte
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 13:08:11 GMT
server
cloudflare
age
1832
etag
W/"1675019833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bbed3b75ece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 00:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Dec 2022 00:38:37 GMT
tinyurl_logo.png
tinyurl.com/siteresources/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinyurl.com/siteresources/images/tinyurl_logo.png
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbd195fb6d9f8e94530a0d720b4a96dda93a7c870e77c62796651298ffd2f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/2p9bpte
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:56 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 09:47:49 GMT
server
cloudflare
age
1558
etag
"3999009945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6bd4bbed9f437136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20029
tinyurl.com.js
tags-cdn.deployads.com/a/ 		431 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-cdn.deployads.com/a/tinyurl.com.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-71.ewr53.r.cloudfront.net
Software
awselb/2.0 /
Resource Hash
d40505bbecfb1628aaa64394172289b13174757d413d482d60d64dbc1cc9a684

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:15:10 GMT
Content-Encoding
gzip
Age
1306
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Tue, 14 Dec 2021 04:15:10 GMT
Server
awselb/2.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 19f59f4851bd1754171a506ce0726a08.cloudfront.net (CloudFront)
Cache-Control
max-age=1800,public
X-Amz-Cf-Pop
EWR53-C1
X-Amz-Cf-Id
z3zKpIAOW4YdCYagMqHHkRN3GBPVv4XK9jr6zTvl3LXtiaQsEUv35g==
Expires
Tue, 14 Dec 2021 04:45:10 GMT
common.js
tinyurl.com/siteresources/js/ 		188 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/siteresources/js/common.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f6b72272a78eb9a9e3eed800fbef12e6f6e8fcc03c85d9b6a514f76c9d6f43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/2p9bpte
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 09:47:49 GMT
server
cloudflare
age
6186
etag
W/"2418261891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bbeeb85f7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
kMdM/WxyDx44oH44aqHER+RGYSaQ2gTyEMogq8w1+TQEMY7nzheYzmcbHZe1sQoMPr907b3TGXvJPyxEuhCuGg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 14 Dec 2021 04:36:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1863
date
Tue, 14 Dec 2021 04:05:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 14 Dec 2021 06:05:53 GMT
common
tinyurl.com/dyn/ 		43 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/dyn/common
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
340ed74a140bf0c63db9fe62625c5cd6bf3e975267c76848cd79346a58f8b765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tinyurl.com/2p9bpte
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
en
content-type
application/json
cache-control
max-age=0, private
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bbef18ca7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
tinyurl.com
e.deployads.com/e/ 		2 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
tag
btloader.com/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5733520474374144&upapi=true
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d84597c3be8cabb61a4fc814e6605619120387ea51597cf5ff2a87534748230

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6bd4bbf088feca53-YUL
date
Tue, 14 Dec 2021 04:36:57 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2427
etag
W/"6c7e8ebe6594e089a4b5fd7d78c8dce3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbdD10KBJk04f3evhiz5gsccn5R%2Ff%2Fgw4QqgVvLn%2Bwn7Ebj2xjU3jK4hIWVa5cVYCIoCvp5%2BzOfoPfUR%2F1vEPxV9MjQuwlrt1eFM%2FV7bUlyY82dfpXYcams70QsAAM0xAnyyPbl5UmASrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, must-revalidate
content-encoding
br
config.js
confiant-integrations.global.ssl.fastly.net/63PnFF5pyWGBQmDdBBe7mHE722M/gpt_and_prebid/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/63PnFF5pyWGBQmDdBBe7mHE722M/gpt_and_prebid/config.js
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cce0c1c1da1615f73cf249167fa2e48323a3a878cf13ba02fccf44bd39c30923

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:36:57 GMT
Content-Encoding
gzip
Age
2633
X-Cache
HIT
Connection
keep-alive
Content-Length
10639
x-amz-id-2
PZIlvnbaAgr/51DpY76QebeI767e2yhEOpcrTo/tOdxXv0PNXbe1y6jdvyja7+4xIUvlsgy3pN0=
X-Served-By
cache-yul12820-YUL
Last-Modified
Tue, 14 Dec 2021 03:08:32 GMT
Server
AmazonS3
X-Timer
S1639456617.053637,VS0,VE0
ETag
"754fa9d6563c6cf5d36e336e34c60a92"
x-amz-request-id
SET3HJHA5K8J7SS2
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
393
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211214
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c70969c8a19381bc98aaa3b2746e8f78fd58a7119e984f48565ace8e3c5da1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5751
x-jsd-version
1.0.1190
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19121-FRA, cache-yyz4554-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"695-T6Z5iuqaHxxadnTcelKi7nj/DT8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6bd4bbf08e434bb8-YUL
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
38258a3aa023ee5b5f45a8c149fd28449112dc4bf60411d2c88a4a6e33506df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1070 / 313 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26911
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Dec 2021 04:36:57 GMT
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=351316297&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&utmhid=1562525078&utmr=-&utmp=%2F2p9bpte&utmht=1639456617020&utmac=UA-6779119-1&utmcc=__utma%3D224967455.195856252.1639456617.1639456617.1639456617.1%3B%2B__utmz%3D224967455.1639456617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1836566382&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Dec 2021 04:36:57 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
196261077476671
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/196261077476671?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dedb0f39d7396d6806599c5863f2c07e523085647fbf8aa1dfff9a8fb634d489
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88889
x-xss-protection
0
pragma
public
x-fb-debug
0H8ImNgLf+Tp8awFua25qbC1IOrxEqH7PryeztzybPtNv8mjuPnK+AMXeyBPEcnmvP4fOjbFz4SyLs+2aHkZsg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 14 Dec 2021 04:36:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Dec 2021 14:23:51 GMT
px.gif
ad-delivery.net/ 		43 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7704831341192766
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 14 Dec 2021 04:36:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3196
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPQ1bilITYjbSuz3eG%2BkXgFL8oyCeMSmxHq0twyhPcS13GdPf8ztipiHOTuhK0l44W4V8Kc%2F%2F0e%2FW0O%2FSGR5p9k5SH65GbBlT8xHZKT9zR4ttssyH%2BplEJBymtLClHtrkRQw%2BRCu0b8D58AOvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6bd4bbf10b22ece2-YUL
expires
Tue, 14 Dec 2021 04:43:41 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ 		189 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/63PnFF5pyWGBQmDdBBe7mHE722M/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:36:57 GMT
Content-Encoding
gzip
Age
641
X-Cache
HIT
Connection
keep-alive
Content-Length
61460
x-amz-id-2
/DHnQNMDhu3LSMbPBOmtmpqdLZ/TV/iNQLs654lCeyeCyJr4yzKVMwYAMGUdCjCJolcI/qIiFHc=
X-Served-By
cache-yul12820-YUL
Last-Modified
Thu, 02 Dec 2021 17:00:39 GMT
Server
AmazonS3
X-Timer
S1639456617.083214,VS0,VE0
ETag
"0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id
ZYQYY90KHDQ2H736
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
899
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Dec 2021 04:36:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		539 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
b87e9a11d9cbf38748c319752759e71aa4403286c8048b88bc54b13b65f51f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
expires
Tue, 14 Dec 2021 04:36:57 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=c39ATZmVlS&w=5764937749102592&o=5733520474374144&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Ftinyurl.com%2F2p9bpte&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5733520474374144&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=196261077476671&ev=PageView&dl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&rl=&if=false&ts=1639456617299&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639456617298.1113995041&it=1639456617029&coo=false&exp=p1&rqm=GET
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f141:82:face:b00c:0:25de Denver, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 14 Dec 2021 04:36:57 GMT
auction
tlx.3lift.com/header/ 		16 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.6.0&referrer=https%3A%2F%2Ftinyurl.com%2F2p9bpte&tmax=2000
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.10.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-10-65.compute-1.amazonaws.com
Software
/
Resource Hash
952037785d1342d7faac845b1f220e9e5ee5a4c099ff102d7ab17e08ddba3744
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
6126
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.6.0&p=%5B%7B%22placement_id%22%3A%22%2F1966186%2C34718310%2FPub_tinyurl.com_160x600_2_Sortable_Left_Sidebar_0%22%2C%22callback_id%22%3A%22768398c585efe3%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222352983247081644305%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2F2p9bpte&bust=1639456617338&pr=&scrd=1&dnt=false&description=TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.165.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-165-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tinyurl.com
pragma
no-cache
date
Tue, 14 Dec 2021 04:36:57 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ 		861 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22932a1e221b072f%22%3A%22ad559ed82e9f14739f52%7C160x600%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_160x600_2_Sortable_Left_Sidebar_0%22%2C%2210f05919117102c%22%3A%22ad559ed82e9f14739f52%7C728x90%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_728x90_2_Sortable_Leaderboard_0%22%2C%221175785d6f018e3%22%3A%22ad559ed82e9f14739f52%7C300x250%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_300x250_Sortable_Right_Sidebar_0%22%7D&ref=https%3A%2F%2Ftinyurl.com%2F2p9bpte&s=a505e05f-5f3b-49a9-82a5-9daec2a9a9c5&pv=36b113f2-32a0-465d-a811-ab6c10d6fbd5&vp=desktop&lib_name=prebid&lib_v=5.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
a333e6cb6496ccdca039086923e7bb4e91b290a0190ca6409e9a6bc4fc53cfd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-91
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
505
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
c.deployads.com/openrtb2/ 		45 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.6.0&host=tinyurl.com
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.114.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-114-165.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
10bb8ee6f560be2c751aed2db445c130f3e199a19607ebe96317d9c275576ae3

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:57 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
46558
expires
Thu, 01 Jan 1970 00:00:00 GMT
hb
ssc.33across.com/api/v1/ 		118 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d9HhYeaj8r6QaoaKkGJozW
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74f870848dbd279273e0f1861ad686d70ae3a66ae2d14a021232165b5ce1751c

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		118 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bggfyaakar6PmwaKlId8sQ
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d409a8a519092e2d01699a2dcda3c106838f363c869ffbf53fd93274d666a955

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		47 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
00b81a154830d78f11aa45546f0ce07749a38d2199d7e3815c7d9dc4bc1f5353
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Dec 2021 04:36:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6a12a963-b54d-4663-a118-9da21b33a518
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		375 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
48a2f9e03268ec5515b6dec975fd251e0f3c847f84a5c7701a57caf71749cfd4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:57 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6fd6f96c-f427-4a95-bd3b-f2fe71b278c8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
375
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bbf2af66ca6f-YUL
access-control-allow-headers
origin, content-type
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72295140073&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
caf5009593135b7e5343a9f82903459157182d18ccb783cf1fbc9b974174e544

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c6abf16524d8ebec8ab23192860cb6b002e32edf88f9cfb7d2e193ae5409e492

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969105017575db4f32e72422f001ee&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c4ebf821dd2d851e8c89b99cc4d5fe1b30886fa456ca456c766ce5220a760101

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=272593544037938&correlator=1442887592583668&output=ldjh&impl=fifs&eid=31063914&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211214&iu_parts=1966186%3A34718310%2CPub_tinyurl.com_160x600_2%2CPub_tinyurl.com_728x90_2%2CPub_tinyurl.com_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%2C728x90%2C300x250&prev_scp=st%3D8%26sdbg%3D7%26s%3D0%26u%3Dfk%26br%3Dm%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.25%26hb_adid%3D32b74fb747cd5cd%26hb_bidder%3Dappnexus%26uf%3D4qg%7Cst%3D8%26sdbg%3D7%26s%3D0%26u%3D517%26br%3Dm%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D367e9e32ddd0aa2%26hb_bidder%3Dsortable%26uf%3Du9%7Cst%3D8%26sdbg%3D7%26s%3D0%26u%3D11v%26br%3Dm%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.32%26hb_adid%3D354688245ded687%26hb_bidder%3Dtriplelift%26uf%3D2wf&cust_params=scv%3D2&cookie_enabled=1&bc=31&abxe=1&lmt=1639456617&dt=1639456617741&dlt=1639456616459&idt=809&frm=20&biw=1600&bih=1200&oid=2&adxs=3%2C170%2C1280&adys=357%2C123%2C243&adks=3373584571%2C236599969%2C1415490781&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftinyurl.com%2F2p9bpte&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x839%7C1430x96%7C325x639&msz=170x600%7C1430x90%7C300x250&ga_vid=195856252.1639456617&ga_sid=1639456617&ga_hid=1562525078&ga_fc=true&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
708471b7d237ae286f8678b918d7e55b670129f2521b63bd3015731c061a5a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12009
x-xss-protection
0
google-lineitem-id
5740384470,-1,5740384479
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349459002,-1,138349458999
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4df902d31e9f68e6626da4c71fba02045124d36cd33d50056bb4ee32058cdce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8543
x-xss-protection
0
container.html
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8881 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 14 Dec 2021 04:36:57 GMT
expires
Wed, 14 Dec 2022 04:36:57 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:57 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1226641b7e74bcc11c47a179476679c8789e3e4249b13df4d2e3dea936a99577
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Dec 2021 04:36:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
98fe0f00-0491-4a4e-90ea-b9547ce36a4c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		65 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.6.0&referrer=https%3A%2F%2Ftinyurl.com%2F2p9bpte&tmax=2000
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.10.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-10-65.compute-1.amazonaws.com
Software
/
Resource Hash
5f254506005dc76cbc62d7a71c339f6737903e448723871001b258be9eb84806
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
12471
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
06ff8e8502c4531f0df93b854f4dfce4acf1137edb18f03febc6b0847767bd4a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:57 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b1fa4a93-c914-4414-b206-2f0d2e5b564b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bbf5292cca6f-YUL
access-control-allow-headers
origin, content-type
auction
c.deployads.com/openrtb2/ 		553 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.6.0&host=tinyurl.com
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.114.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-114-165.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
7d88f7b011edf23ea600a3b84d729ba901ccf8bd56bb2e0f0cafb750acb54d8a

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:57 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
553
expires
Thu, 01 Jan 1970 00:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3b662fdcfa0c1a3cf8a437afc84b6da596b0e62b1b83d165bfeb8ed84edd5763

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2250fb96682e0c1f1%22%3A%22ad559ed82e9f14739f52%7C728x90%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_728x90_7_desktop_anchor_0%22%7D&ref=https%3A%2F%2Ftinyurl.com%2F2p9bpte&s=35a72a11-d5de-4841-986c-e7596305e63e&pv=36b113f2-32a0-465d-a811-ab6c10d6fbd5&vp=desktop&lib_name=prebid&lib_v=5.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e38927747d03909acc985a8285747cfa66d950cd24118d56ba00c21e815467d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-91
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
478
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Tue, 14 Dec 2021 04:36:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC3E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 13 Dec 2021 18:46:07 GMT
expires
Tue, 13 Dec 2022 18:46:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 35E0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3dbcf15816270164a42ac8047f860c48c18a7d110e8790ac26a43ddedc84c37
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TzQdcm9xF/CqmlKZh2f5Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 14 Dec 2021 04:36:58 GMT
date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TzQdcm9xF/CqmlKZh2f5Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=272593544037938&correlator=1442887592583668&output=ldjh&impl=fifs&eid=31063914&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211214&iu_parts=1966186%3A34718310%2CPub_tinyurl.com_728x90_7&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=st%3D1%2C8%26sdbg%3D7%26s%3D0%26u%3Do7%26br%3Dm%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.31%26hb_adid%3D5466c86e1a95a5d%26hb_bidder%3Dtriplelift%26uf%3D226&cust_params=scv%3D2&cookie_enabled=1&bc=31&abxe=1&lmt=1639456617&dt=1639456617985&dlt=1639456616459&idt=809&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1265&adks=3563311070&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftinyurl.com%2F2p9bpte&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=195856252.1639456617&ga_sid=1639456617&ga_hid=1562525078&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
821ddb26aff6e6c2aae4f281c940049e595eddc2b59b4365af43202c3b89feca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8521
x-xss-protection
0
google-lineitem-id
5740385184
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349459038
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame DC3E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 03:47:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
262147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 03:47:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 35E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=272593544037938&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=272593544037938&bg=!tLelt_PNAAZKWFskSlg7ACkAdvg8WtGxMyhkdt9IM3CwUUydjUlJ13vCLpR_gDdmeaRIov3QB4VfOwIAAABQUgAAAAdoAQcKAGxRnZChdNyqp3E3Kmk1iTrP-Kd-Mx_p7BqS4-zzYX71O3OhA2CqJ6IO391oOupfvc5Y3uAVkKn0WACC19Qkdyryb_fuJ3isFy3jBOmghtCYpzAikF_lnFaiP5adHT_874k_KlrDWsbghQilbLqZAqlv0Ig--tnxu2vWmwR-k2pZaxUtOKGIuXrzPpVzafMRJ-El1JmCubhP8TrdWNuXkO6TJvcfOvuMoqopw2hdarG6ArfiB2_mAzEnTSSt_kEM73YrNbh0sSZNtORWc5Ymebd2gP97wQCujtH_reW_-YXIlFWR0SUesexr_qfqTsjDK3VmZPcz1pJX2HO_7NpriQk3RVcbIjiFAnCa9YLsjuM44jHw1M7bLVywGLp8ZIYooCiJTjNiHkGjmhfMMPuvHhFYAGHJPNFl4xdd-l-vFtVIjU9uScp7kndli6nIBiX2KZIsng2dYT4AllE8Ab329OmkZP8jDDEKSoJgUvJ2OAFvOyCXMIqtXr2RnrQT7q0NjzaXw94YMRXs2mJZLGd35n8BHJKSeUZD-5JHmmwhnRvg3EQMaoZrOtx3_VYSHp5THZbSEPtGUmsie_QqVz7sHpV_gPxiKJEdRLQY_u5kSHirDF921IfP0okQX1MT1KJThMe5Tru24bhLr8lJEgtJUhODHYftOnHw9SVEN-SKOb5B71Slsmr5z-mNIpSNrbB7ekUCKp-JphxVxsThGKKccM9ULCVmI3tUDQVNUjJO1xaiS32ATbkcvCwYgJnKbuL5OGx7E_YMmDY3bbY22SovgCoTAg8uY36unmdSVz1mvl3rVgGtdLIB9OfeiV1HPkesjuJg5OeuVPP2_efxPkpa39p5DzT3eKGrrk0WSlDtkat6BViL1swV7hut9nPvCZpdNSgyjrwjkJ6KVRDYoOPty9oX7aa7PLcBUfPAuFf3wA9H3JhFljPrnk5nESqilDqRsts9SlzP5HwDgPC7L0Cjmh7La4EKcqN0xlBEbWlU3YBHnB2BTHfZGbUY0sfMGk4pkPfu_A0lITxYYZah3pfudRbakkKzEz4Rhnc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B7B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF7X3qCFoZCyHpyeWAIvY3KnL1oLubb3FMlyKlcgb_0jVNLyVCqlm6zTHhJTIaatyyQIuhb1kK1Wj36vQVjc__wMxpCulc0Sm7vemT6byYoy7U5B6_WEVKxSd4k5_DmVWev0fwFlKCkNnyqbU6jk0dMppkHt9DLqV_S96gyTjVt3D5qHHa8HBVDHukhBg0sFmp_EQ7M2uhvnMkwhjXwSRHLxZmR-1RKZlEASv70uXqeSKbRolQe1fjf7GGDk90tazFlXk5jKrUeai_svrAtJIfgYWLySgKHLJmxvhyBOKBdJ-RD_WP-bWoJhmPC4EnlvJ7&sai=AMfl-YRcAW1T2_wGCn-RZfpIYypIv0YBEEi-ZNtTmP-KmFk6mKY8TKig7EU1ApIcjjm6n0-LkxgN3BMW2WFHukidf6I3J_BoTlV9-QEI_ICEXkvo0jntlJBVKz2AKUKRJo8&sig=Cg0ArKJSzN4nxuSDyi1KEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 14 Dec 2021 04:36:58 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame B7B3 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
24f164db30f201dfea047e885e44e77a310f64af80264642cddf21c22c395e5c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:36:58 GMT
Content-Encoding
gzip
Age
241
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
39321
X-Served-By
cache-lga21944-LGA, cache-yul12820-YUL
Access-Control-Allow-Origin
*
Last-Modified
Mon, 06 Dec 2021 15:55:26 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1639456618.245465,VS0,VE0
ETag
W/"61ae326e-1d543"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 08 Dec 2021 04:32:46 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 155
nmedianet.js
contextual.media.net/ Frame B7B3 		221 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUY5V96Y
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d089504a91c483597451d9533059303d2e2b3d7c1734ca86e64dabbb89f262e9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-mnt-h
10-4
content-encoding
gzip
server
Apache
etag
"a191178cb3237f8ea4eb99e2e1821274"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 14 Dec 2021 04:36:58 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-10
expires
Tue, 14 Dec 2021 04:41:58 GMT
log
qsearch-a.akamaihd.net/ Frame B7B3 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=1&ss_d1=0&ogerpm=0.2900&ss_d2=0&stid=14942471&other_prv=4&jar_err=&current_day=2.0&adtyp=0&req_id=5401643685595028393&bd_m3=0.0000&bidfp=0.0000&bd_m2=0.0000&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=7.4614&exp=&second_bidder=*&search_res=21&floor_bucket=0.00&seat=BID_API&size=160x600&url_l1=2p9bpte&f_seg=&prdp=0.2291&local_wr_url=0.0000&ogcbdp=0.2900&dfpbd=0.2291&server=1&ogerpm_wd_bkt=0-1&model_version=202112130645_generic_appn_1-cid_0&viewability=0.4800&dmm_r=0.0000&cut=21&dmm_l=0.0000&as_cache=0&tcyerpm=&sc=ON&send_erpm=true&dmm_m9=0.0000&sd=0&seg=&dmm_m4=0.0000&erpm_bucket=0.30&ugd_ver=&requrl=tinyurl.com%2F2p9bpte%2F&bidrestime=1639456617469&cc=CA&strg=harmony&ss=&current_hour=4&time_stamp=2021-12-14+04%3A36%3A57&model_key=generic_appn_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.2900&ct=Richmond+Hill&akey=&mnckfl=0&bdp_bucket=0.30&algo=unison&dc=east_sc&splid=14942471&dn=tinyurl.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&dmm_m10=1651665&bdp_wider_bucket=1&acid=5401643685595028393_187024813976554532&infl=&o_ver=NT+10.0&br_ver=96.0.4664.93&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.4&totalTimeBucket=4&visibility=0&totalTime=4361390&dmm_m1=2021-12-14+04%3A36%3A57.471486168&e_rpm=0.0000&dmm_m22=0.2900&gdpr=&vsid=&log_less=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUUKO538&rawbid=0.2900&seat_id=BID_API&sub_bidder=196&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-5c798bb85d-kdvzh.SC&dfp_bucket=0.25&adblk=&itype=appnexus&pvid_seat=4_BID_API&cliIP=628673958&advurl=related.advancesimple.com%2F&level_base=0&crid=512816723&sat=1&br_id=265&cut_bkt=20&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.29
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-53-184.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 14 Dec 2021 04:36:58 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame B7B3 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.6.25.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-6-25-130.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Tue, 14 Dec 2021 04:36:58 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=44456
access-control-allow-credentials
true
content-length
62892
expires
Tue, 14 Dec 2021 16:57:54 GMT
trk.js
cdn.adnxs.com/v/s/221/ Frame B7B3 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/221/trk.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:36:58 GMT
Content-Encoding
gzip
Age
3609474
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29240
X-Served-By
cache-lga21963-LGA, cache-yul12824-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 02 Nov 2021 09:57:21 GMT
Server
AkamaiNetStorage
X-Timer
S1639456618.238836,VS0,VE0
ETag
"f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 02 Nov 2022 09:59:04 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 2612681
it
nym1-ib.adnxs.com/ Frame B7B3 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftinyurl.com%252F2p9bpte&e=wqT_3QLtBOhtAgAAAwDWAAUBCOm-4I0GEKSYhoq9wpzMAhgAKjYJHVpkO99PzT8Rs7W-SGjLyT8ZAAAAQDMzEUAhsw0SACkRJAAxARu44XrUPzCHgpAHOJwbQJUJSGBQ8Ki_kgFYl9dMYABor-BlePjPBIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ASFfOTgyNDY3X1B1Yl90aW55dXJsLmNvbV8xNjB4NjAwXzLYAgDgAt3CKuoCG2h0dHBzOi8vdGlueXUJKPQgAS8ycDlicHRlgAMAiAMBkAMAmAMXoAMBqgNAEhg1NDAxNjQzNjg1NTk1MDI4MzkzX3NiaWQaEjE4NzAyNDgxMzk3NjU1NDUzMiIJMzA3MjIxNjE2KgVNMTE3M8ADrALIAwDYA9azL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zNy4xMjAuMjA1LjE2NqgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAE8Ki_kgGIBQGYBQCgBam3_tiByp_7SsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfzKRPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAROwEBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLIEQADIB_jPBNIHDQkBNAEBATgI2gcGCSdE4AcA6gcCCADwB7ijKYoIAhAA&s=ce73bf59b5cc8952859f7a6fc8ead829c0277de5
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.207 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
61a3ec3d-2020-4f56-9843-6abae560d232
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7B3 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 04:36:58 GMT
container.html
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E77 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 14 Dec 2021 04:36:57 GMT
expires
Wed, 14 Dec 2022 04:36:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 80DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWR7RIrye12NucO6LJEccGZ_-y0oQOr3K41jHpYc6JTTJcjLvuwDNLRbw9_AxsP-iRxXzTpQhcPVWOK_NQWZ6BB-xfGlhlNcHiLNs5MWQwhcYuzIKzk_2Ukcf8dbIJeqbfZec49Brs7KSZ7n3sPzgcjFg5fvZl5YieYf6CitzrPoYHKhDDRoe62NEXVXE2jclrbI3npYjLBi3mUwzxfLn3H4DcfnqAcdGyqk56P3uZQTrXBhTpkstjhwv19Xcd8w7bcBC1KtX2zE7KiV7sckCRAS_TNRBe9xnu3r0VyLxOuHnvrzz7FRcxHYniEQ3nmg&sai=AMfl-YQ49jdk5HU3hDBGcmhiFAR4Q_V56L8TD7JDsfZqJQRX0WiYEMhnJMjJoA6gfbf1mUuTOdvDPEMjN221YEQMA1QpDWE1hjuuP6Eh7-g44Z8S5dAb8vrbBDsEabQwLxs&sig=Cg0ArKJSzFtpmHz9jFSSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 14 Dec 2021 04:36:58 GMT
bundle.js
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame 80DE 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-104.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 17:37:26 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 17:10:39 GMT
server
AmazonS3
age
39573
etag
"63ce70b8f5a8fd74fd206c097492fb0f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
79992
x-amz-cf-id
pGDfvShU2jZJBQ-DfHzzD-IHWHROfX8z_LxNS0zsg6U9EaGs9-v2IQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80DE 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 04:36:58 GMT
pixel
protected-by.clarium.io/ Frame B7B3 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NjNQbkZGNXB5V0dCUW1EZEJCZTdtSEU3MjJNL2FwcG5leHVzOjE2MHg2MDA=&v=5&s=v31fmrjldmk&id=eyJwcmViaWQiOnsiYWRJZCI6IjMyYjc0ZmI3NDdjZDVjZCIsImNwbSI6MC4yNTM3MzcsInMiOiIvMTk2NjE4NiwzNDcxODMxMC9QdWJfdGlueXVybC5jb21fMTYweDYwMF8yX1NvcnRhYmxlX0xlZnRfU2lkZWJhcl8wIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjphcHBuZXh1czszMDcyMjE2MTYifQ%3D%3D&sb=undefined&cb=6061474&h=tinyurl.com&d=eyJ3aCI6Ik5qTlFia1pHTlhCNVYwZENVVzFFWkVKQ1pUZHRTRVUzTWpKTkwyRndjRzVsZUhWek9qRTJNSGcyTURBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiMTYweDYwMCJdfX0sIndyIjowfQ==
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.221.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-221-120.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
notify
tlx.3lift.com/header/ Frame 80DE 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.3218&ts=1639456617&aid=143327697936593422563&ec=5563_66529_B8&n=GpwCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9Mzc2MzYwJmF1SWQ9ZTAwMTg4YjItNDI4MC00N2Y1LWI3MTYtYjg1OTAxODg4MGM5JnB1Ymxpc2hlck5hbWU9Z2V2Y3lyeXZzZyZySWQ9ZTAwMTg4YjItNDI4MC00N2Y1LWI3MTYtYjg1OTAxODg4MGM5JnJ0eXBlPW51cmwmdGFnSWQ9NzU1NzMmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfdHlib255X25xaGF2ZyZ0cmFmZmljU3ViR3JvdXA9ZWdvJmFpZD0xNDMzMjc2OTc5MzY1OTM0MjI1NjMmd3A9MC40ODjyAq4BCAASFTE0MzMyNzY5NzkzNjU5MzQyMjU2MxgAIAEouysw4YcEQAFIAFAAYAFoCHAIkAEAmAEAqAH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BsAHoA7gBBcAB%2FQHIAegD4AEP8AGH1AP4AegDgAL9AYgCD5ECAAAAAAAA8D%2BZArgehetRuN4%2FoQIAAAAAAADwP6gCALACAMgCAtgCAPECZmZmZmZm5j%2F4AvA3kAMAmAMAoAMAuAMAwAMAyAMA%2BAIMiAMBkgMEOTg5NQ%3D%3D
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.10.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-10-65.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 80DE 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=1&peid=0&aid=143327697936593422563
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
protected-by.clarium.io/ Frame 80DE 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NjNQbkZGNXB5V0dCUW1EZEJCZTdtSEU3MjJNL3RyaXBsZWxpZnQ6MzAweDI1MA==&v=5&s=v31fmrjldni&id=eyJwcmViaWQiOnsiYWRJZCI6IjM1NDY4ODI0NWRlZDY4NyIsImNwbSI6MC4zMjE4LCJzIjoiLzE5NjYxODYsMzQ3MTgzMTAvUHViX3Rpbnl1cmwuY29tXzMwMHgyNTBfU29ydGFibGVfUmlnaHRfU2lkZWJhcl8wIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjp0cmlwbGVsaWZ0OzU1NjNfNjY1MjlfQjgiLCJhZG9tYWluIjoiYW1hem9uLmNvbSJ9&sb=undefined&cb=7039491&h=tinyurl.com&d=eyJ3aCI6Ik5qTlFia1pHTlhCNVYwZENVVzFFWkVKQ1pUZHRTRVUzTWpKTkwzUnlhWEJzWld4cFpuUTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJ0cmlwbGVsaWZ0Il0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.221.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-221-120.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tinyurl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Tue, 14 Dec 2021 04:36:58 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame B7B3 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8E77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0FTIaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBO8BT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HttjTZqO1uqHDChMaGAfKgQ8GlUQ7h9dTTT-AssSGShS4zE1AbgzgBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMTUzMDY1MjMwMTUzMjgxGMDKCg&sigh=QXjy0U7ehHY&uach_m=[UACH]&cid=CAQSPgCNIrLMxvPvPiNjKTmRJOH0Z8zBimmvtVtXmHcFssTQQIXFPWDCrXmlUESAE8K-No6JBJcLwnmei2Nu6-cRGAE
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 8E77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=UPm5EdWkAdgFWuIinRcCAAAATCCfDwR8N2MQaR-4YSHVxiZEI_DqNcI0ABI&wp=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
server
Kestrel
content-length
0
server-processing-duration-in-ticks
320442
afr.php
ads.us.criteo.com/delivery/r/ Frame CCF8 		99 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Requested by
Host: 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
URL: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f0e4948b1c3a94ac88fd3ba09f9a6248673496cc5c082a626a62f9786e2ed971

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/

Response headers

date
Tue, 14 Dec 2021 04:36:57 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ypDr3WIR44VR0I2ls4-QZBn_fbHFOFDt9EXYPvLEXSn8iqzPVoeH4d3f_h1IO6zypOHbGjqNoDfs4DZOZEvp9LBXekILFbmtdnHD6QJiY6iu0JeiorWyhRcsrCF9F3AfwTNwY7ugfAuKONVrhOHxkydulqg_hpg3zLOaxo1pYDOIr9Uxak7QU_NDcYBpIGM9G7lmHPDRwXy_5uzXLTNqXn21vRo_RIv_F1PTOX7wKUURtah7pteFGwyEUgstteM4cdZo6g"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
26422894
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8E77 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
URL: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 04:34:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E77 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
URL: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 04:36:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8E77 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
URL: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 04:36:22 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8E77 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
URL: https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 00:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 00:27:22 GMT
truncated
/ Frame 80DE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3cb7ee8a0a33dcd24cef6503369585ef73550890a1b44f525b85ae599defcc9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 77BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMCGh7up_FMCXm2ugRHLwQeVyOrXhTB77_LCWQK-WsiCot6GP5XNRrLGsO_xhZlT4x9_en4avwf-dAOy-olbhtdtWRPex5cQiaEVHUHesCTYy1IaMDjz5Hafbzdy_YLELQ5tjzfQ6LlKJBfHeY6-y4YTdKfMJvu6VTy5KGMPcqRRHiYI3DkY8hnulBkA5Kir2KiVHgzbwegG-RbZkDNqN6yCuxrpEgoWjgPYrLZWi3F4qZ8X1y0LuQkJOnALbvwAs5RPIihkd5XpEHAXNzBPF8R-VVLJBtASpX0EVYk5PXbCT2MnnyCo44f1OEwQRyC_s&sai=AMfl-YQrMywf3TSnb0jmUm4fmq3yE9IRUrkUhkbUa_QksiZGrPlqn1sDJo3G8o4pssD6TtjVBSc6_h0PGHYLla7UULYASslBo9spsbSlkcUAmbEy9Xg78Q84AiUlsAzDJvWU&sig=Cg0ArKJSzLoGCC4Ey9ZCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bundle.js
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame 77BE 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-104.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 17:37:26 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 17:10:39 GMT
server
AmazonS3
age
39573
etag
"63ce70b8f5a8fd74fd206c097492fb0f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
79992
x-amz-cf-id
cAVsZLf3eMy6rtx7OxWCbsgymQG2TAez7JVBiUepdmPB3BNgaB3Syw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 77BE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 04:36:58 GMT
notify
tlx.3lift.com/header/ Frame 77BE 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.3193&ts=1639456617&aid=45686878758139536281&ec=5563_66529_B8&n=GqMCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9Mzc2MzYwJmF1SWQ9ODMyNDNjYTYtZmI3Zi00ODgwLWE3MTUtZmZiNDBjNjAyMmZkJnB1Ymxpc2hlck5hbWU9Z2V2Y3lyeXZzZyZySWQ9ODMyNDNjYTYtZmI3Zi00ODgwLWE3MTUtZmZiNDBjNjAyMmZkJnJ0eXBlPW51cmwmdGFnSWQ9NzU1NzMmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfdHlib255X25xaGF2ZyZ0cmFmZmljU3ViR3JvdXA9ZWdvX3BiYWdlYnkmYWlkPTQ1Njg2ODc4NzU4MTM5NTM2MjgxJndwPTAuNDgy8gKtAQgAEhQ0NTY4Njg3ODc1ODEzOTUzNjI4MRgAIAEouysw4YcEQAFIAFAAYAFoCHAIkAEAmAEAqAH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BsAHiA7gBBcAB%2BwHIAeID4AEP8AGH1AP4AeIDgAL7AYgCD5ECAAAAAAAA8D%2BZArgehetRuN4%2FoQIAAAAAAADwP6gCALACAMgCAtgCAPECZmZmZmZm5j%2F4AvA3kAMAmAMAoAMAuAMAwAMAyAMA%2BAIMggOrAWh0dHBzOi8vcG9zdC51cGRhdGUuM2xpZnQuY29tLzIvNTk2OTE4L2ltcHJlc3Npb24%2FdGk9NDU2ODY4Nzg3NTgxMzk1MzYyODEmY2I9MTYzOTQ1NjYxNyZpcD0zNy4xMjAuMjA1LjE2NiZkdD01OTY5MTgxNTIwOTUxMzY3MzYxMDAwJnB2PWExNWRmZDk1LTk0MDktNDA3MC1iYTAxLTUzNWVkYjM5MTA3NIgDAZIDBDk4OTU%3D
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.10.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-10-65.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 77BE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=1&peid=0&aid=45686878758139536281
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
protected-by.clarium.io/ Frame 77BE 		68 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NjNQbkZGNXB5V0dCUW1EZEJCZTdtSEU3MjJNL3RyaXBsZWxpZnQ6NzI4eDkw&v=5&s=v31fmrjlds7&id=eyJwcmViaWQiOnsiYWRJZCI6IjU0NjZjODZlMWE5NWE1ZCIsImNwbSI6MC4zMTkzLCJzIjoiLzE5NjYxODYsMzQ3MTgzMTAvUHViX3Rpbnl1cmwuY29tXzcyOHg5MF83X2Rlc2t0b3BfYW5jaG9yXzAiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnRyaXBsZWxpZnQ7NTU2M182NjUyOV9COCIsImFkb21haW4iOiJhbWF6b24uY29tIn0%3D&sb=undefined&cb=2979836&h=tinyurl.com&d=eyJ3aCI6Ik5qTlFia1pHTlhCNVYwZENVVzFFWkVKQ1pUZHRTRVUzTWpKTkwzUnlhWEJzWld4cFpuUTZOekk0ZURrdyIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInRyaXBsZWxpZnQiXSwiaGJfc2l6ZSI6WyI3Mjh4OTAiXX19LCJ3ciI6MH0=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.221.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-221-120.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Server
nginx
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=143327697936593422563&rev=c0c4269&ss=12&bc=0.488&pr=un&brid=8&bmid=5563&biid=7152&bcud=488&sid=66529&ts=1639456617&unid=0&domain=tinyurl.com&ref=https%253A%252F%252Ftinyurl.com%252F2p9bpte&rr=creative&fid=1&rb=8&g=0&cb=91819
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
c.gif
www.bing.com/aes/
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=376360&auId=2d9b6528-dba8-48ce-9d84-f7c38efda658&publisherName=gevcyryvsg&rId=e00188b2-4280-47f5-b716-b859018880c9&rlink=https%3A%2F%2Fwww.bing...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7b6d59bd91684e8291689f1540536581&SNR=1&GV=2&med=10
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7b6d59bd91684e8291689f1540536581&SNR=1&GV=2&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AD26BF10007747879CFA6EF0BBF7FFAB Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:58Z
content-length
0
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3B6D52BAEBFB4EF88A14D4290196F1B9 Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:58Z
date
Tue, 14 Dec 2021 04:36:58 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7b6d59bd91684e8291689f1540536581&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
th
www.bing.com/ Frame 80DE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?h=158&id=OAIP.edb8fb3cb98b66bf265eaa01877fe4fd&pid=AdsNative&w=280
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68348f524765cdaf0475c57524c43f0d3d86ac5599bf6a28458dda7b6c660d99

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 989F477EA45441E69194658D3C321B79 Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:58Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
5986
blank
img.3lift.com/ Frame 80DE 		519 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.3lift.com/blank?width=280&height=158
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-99.ewr53.r.cloudfront.net
Software
/
Resource Hash
c3c5ffd5f1a641425acfe6de49c1872c05ec856e13eee106bb9ff4af3fd169c3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 14:55:37 GMT
via
1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
last-modified
Thu, 09 Dec 2021 14:55:37 GMT
age
394881
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800
x-amz-cf-pop
EWR53-C3
content-encoding
gzip
content-length
124
x-amz-cf-id
ohZdC1HEqUlamDWaW-ni7OEEokjtGC4UozabohQjxPxqSSOlaDqDWQ==
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 80DE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-104.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 05:16:17 GMT
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
343242
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
3125
x-amz-cf-id
QCEuzTh2PknMTlht3IvEt2SMetK3QIDZ32cKdIv5-spvvGpKlrqMtg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 80DE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-104.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 01:51:35 GMT
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
355524
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
3518
x-amz-cf-id
RHw_XHBZ61NwEhPjnPMNNcWq3-EhQg4cTSw9BaBm7L64-6FjQ7M8KA==
smtr
contextual.media.net/ Frame B7B3 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUY5V96Y&cpcd=Ytj1ljGO9ng8CmfP49ZQxg%3D%3D&crid=732190595&size=160x600&cc=CA&sc=QC&chnm=HARMONY&pid=8POA28U6L&tpid=TLV4737&https=1&vif=1&requrl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&nse=5&vi=1639456618828265929&lw=1&ugd=4&adt1=8CUUKO538&adt2=512816723&bcpf=B4%2FaN8fOnRrolnfOur8zxgBx&bdrId=4&katid=808057712&katbid=-21&ntv=0&matchstring=hr%3D0&kttle=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&katpre=1&nb=1&adomain=https%3A%2F%2Frelated.advancesimple.com
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6bf683c3353cd4c9a4438264a516735f547e5862448a63cb96bcc903a0d208c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=604800
content-length
26284
expires
Tue, 14 Dec 2021 04:36:58 GMT
bping.php
lg3.media.net/ Frame B7B3 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=0&prid=8PRVCXX19&cid=8CUY5V96Y&crid=732190595&vi=1639456618828265929&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781041&r=1639456618495&requrl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1639456618112652881&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p1161148993t202112140436&vgd_pgids=1&vgd_uspa=0&hvsid=00001639456618491006286739582512&gdpr=0&vgd_end=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.6.25.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-6-25-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Tue, 14 Dec 2021 04:36:58 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 14 Dec 2021 04:36:58 GMT
checksync.php
contextual.media.net/ Frame 11DE 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e176986510cb15d7e4f78bdf71c4b5c4a48bf3d91c8f702675f346fd537aa1e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 16 Dec 2021 04:36:58 GMT
date
Tue, 14 Dec 2021 04:36:58 GMT
content-length
11246
clog
hblg.media.net/ Frame B7B3 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&prvAccId=732190595&ckfl=0&lper=1&mx_tgs=160x600&cbdp=0.229&mx_nsz=1&spSource=0&insl=0&vid=5401643685595028393&pvdTmax=67&s_city=secaucus&ltime=32.0&ugd=4&epc=732190595&prvReqId=72039266542720_337669328_512816723141&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&zip=L4S+1R9&app=0&ctr=-1.0&exid=31&spFst=0&mx_TAF=2&mx_GCID=0&cliIPType=v4&device_id=4&pexid=APPNEXUS-982467&ae=false&ybnca_erpm=0.29&brsrclk=0&mx_UCC=5&sbdrid=196&prspt=headerBid&concat%3C%3E=IAB19-18&rtttime=48&usp_status=0&seat=BID_API&apTags%3C%3E=75&mx_PC=1&og_cbdp=0.290&size=160x600&wsip=mowx-low-5746f84c46-lrk2v&mx_TAS=1&currsrc_date=2021-12-10+00%3A00%3A00&mx_gpid_sent=false&xtmax=105&commit_id=f85ea6eb&scrid=307221616&mx_SPRIG=2&viewability=48&mx_divid=14942471&be=0&rtime=24.0&adj0=0.0&tmax=150&s_ip=204.13.193.71&adj2=0.0&adj1=0.0&geoll=false&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&debug_ts=2021-12-14+04%3A36%3A57&reqid=5401643685595028393&sc=ON&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&mowxReqId=5401643685595028393_187024813976554532_3&currsrc=NEXUS&fpusp=false&requrl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&mnrfc=1&bidrestime=1639456617469&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CUY5V96Y-732190595-51-21&moau=true&coppa_enf=false&ocurr=USD&is_rewarded=false&devmodel=Unknown&bdp=0.290&stagid=14942471&ct=Richmond+Hill&spIsReq=3&s=1&snm=SUCCESS&abs=0%7C0%7Cxtmax%3D105%7Cbflag%3D0%7CHARMONY%7Cbrr%3D1&mx_IAB2=2&mx_epbc=8CUY5V96Y&mx_ssBucket=0&vls=0&usp_enf=1&bidflr=0.000&mang=1&mx_isLossNtf=false&coppa_status=N&advUrl=https%3A%2F%2Frelated.advancesimple.com&dn=tinyurl.com&pid=8PR113JGC&spTo=3&dt=O&acid=5401643685595028393_187024813976554532&actltime=33&act=headerBid&ecp=4.3&pvid=4&iframingState=0&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_lr_seg_deal=0&dfpBd=0.229&sckfl=0&dmm_erpm=true&mx_lr=0&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&smbrid=3484&bfs=103&rfc=1&gdpr=0&prvApiId=8CUY5V96Y&dmm_ogerpm=false&epcexp=false&pubid=pub-appnexus-network&csip=rtb-appnexus-5c798bb85d-kdvzh.SC&mx_bsProfile=0&mx_bsBucket=5&cid=8CUUKO538&bcrid=307221616&mx_aurt=0&omul=1.0&spIvt=3&dsid=14942471&apPrfs%3C%3E=39%23%2340%23%2313&ptype=23&vertical=0&chnl=HARMONY&smsrc=1&pst=0&acsn=1&reqsize=160x600&dtc=east_sc&adpos=0&mx_aqcpl_crid=4&ogbdp=0.29&tpbTkn=false&fpuReq=1&itype=APPNEXUS&vcmplrt=-1.0&mx_g_one_uid_sent=None&crid=512816723&geo_source=0&sat=1&mnet_ckfl=0&spCst=0&tgtval=pub-appnexus-network&dfpDiv=14942471&__expireat=1639457217726&opbidflr=0.000&reftype=0&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.29~vis_sd%3D334~dc2%3D1~scd%3Dqc~vl2r_sd%3D2021121400~iurl_b%3D1848.8~url_tkc%3D0~std%3D14942471~last%3D~vis_url_b%3D0.82~ip%3DGxQOy~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D23~rc%3D2%2C3~rps_sd%3D2021121323~vis_b%3D722.33~url_b%3D0.54~url_tvi%3D0~ecp_eer%3D14.83~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.29~bm%3D1~sid%3D3a418aa28a9f13d0a4afb6676f7f74df~sd%3D0~uid%3D2IaaK6DvqgLkoxe4uX~btd%3D3888972332447498076622634622286355252984288592069254545552362077421568~3pcf%3D1000.97~uim%3D0~vurl_b%3D1.02~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D102.49~vurl_l%3D30~CI%3D2629~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.98~isif%3D0~lc%3D1~bid%3D0.29~dc%3D8~vl2r_b%3D3.82~ivurl_l%3D30~supply_tag_id%3D14942471%7Eviewability%3D0.482393%7Ecbdp%3D0.229%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deast_sc%7Exid%3D3484%7Eref_cnt%3D1%7Edalg%3Dunison%7Ebflag%3D0%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.290%7Eseller_tag_id%3D14942471%7EcarrierId%3D0%7Edcut%3D20%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D160x600~bsb%3D5~bsp%3D0~tmx%3D67&utime=1031&sf=0&cpr=0.3295796856207145
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.104.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-104-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
max-age=3600
date
Tue, 14 Dec 2021 04:36:58 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 14 Dec 2021 10:36:58 GMT
checksync.php
contextual.media.net/ Frame 8AD5 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e176986510cb15d7e4f78bdf71c4b5c4a48bf3d91c8f702675f346fd537aa1e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 16 Dec 2021 04:36:58 GMT
date
Tue, 14 Dec 2021 04:36:58 GMT
content-length
11246
rd_log
nym1-ib.adnxs.com/ Frame B7B3 		0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2F2p9bpte&e=wqT_3QKtBOgtAgAAAwDWAAUBCOm-4I0GEKSYhoq9wpzMAhgAKjYJHVpkO99PzT8Rs7W-SGjLyT8ZAAAAQDMzEUAhsw0SACkRJAAxARu44XrUPzCHgpAHOJwbQJUJSGBQ8Ki_kgFYl9dMYABor-BlePjPBIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ASFfOTgyNDY3X1B1Yl90aW55dXJsLmNvbV8xNjB4NjAwXzLYAgDgAt3CKuoCG2h0dHBzOi8vdGlueXUJKPDeLzJwOWJwdGWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APWsy_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzcuMTIwLjIwNS4xNjaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPCov5IBiAUBmAUAoAWpt_7Ygcqf-0rABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX8ykT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAVEFQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaQCAAMAA4sgRAAMgH-M8E0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAHuKMpiggCEAA.&s=fb94c13ca15c4e981d6982d4f2262d0cc2c0d070&bdref=https%3A%2F%2Ftinyurl.com%2F2p9bpte&bdtop=true&bdifs=1&bstk=https%3A%2F%2Ftinyurl.com%2F2p9bpte,https%3A%2F%2Ftinyurl.com%2F2p9bpte&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.207 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bf87be55-0623-4b29-9648-2602970231f2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
truncated
/ Frame 77BE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
783d4caae522bffcdf7bfd26133e7a6cfe0fdfd80ceb4383b4965d890ee8e13f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=45686878758139536281&rev=c0c4269&ss=12&bc=0.482&pr=un&brid=8&bmid=5563&biid=7152&bcud=482&sid=66529&ts=1639456617&unid=0&domain=tinyurl.com&ref=https%253A%252F%252Ftinyurl.com%252F2p9bpte&rr=creative&fid=1&rb=8&g=0&cb=40610
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
c.gif
www.bing.com/aes/
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=376360&auId=1a8b1e83-a622-46d5-8c12-9c069c28650b&publisherName=gevcyryvsg&rId=83243ca6-fb7f-4880-a715-ffb40c6022fd&rlink=https%3A%2F%2Fwww.bing...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=20b570b18664483e866f0bf1b6937c35&SNR=1&GV=2&med=10
0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=20b570b18664483e866f0bf1b6937c35&SNR=1&GV=2&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3C64709EE40C4D129E7C6AC6251BF2BF Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:58Z
content-length
0
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD7046B879AB46EBAC74CC1AE61D970F Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:58Z
date
Tue, 14 Dec 2021 04:36:58 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=20b570b18664483e866f0bf1b6937c35&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
blank
img.3lift.com/ Frame 77BE 		519 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.3lift.com/blank?width=280&height=158
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-99.ewr53.r.cloudfront.net
Software
/
Resource Hash
c3c5ffd5f1a641425acfe6de49c1872c05ec856e13eee106bb9ff4af3fd169c3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 14:55:37 GMT
via
1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
last-modified
Thu, 09 Dec 2021 14:55:37 GMT
age
394881
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800
x-amz-cf-pop
EWR53-C3
content-encoding
gzip
content-length
124
x-amz-cf-id
cibnVoHr_vaJ3xylWooskE9wx1IDjnfB9UEZhiIDs8ytPY5HGX-hYg==
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 77BE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-104.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 05:16:17 GMT
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
343242
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
3125
x-amz-cf-id
lXNOt0uzSSnMP-VlDvLa68A1taLr_56LHcxQR-jR2npQ-uC1dBcOPw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 77BE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-104.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 01:51:35 GMT
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
355524
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
3518
x-amz-cf-id
tJMb6HVMdDO8P2EBVkx-aeGsNrCueRBkdg_33D19gkx652WtbRCJSg==
th
www.bing.com/ Frame 77BE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?h=158&id=OAIP.992982b771d87e4a04e8cce3d5767104&pid=AdsNative&w=280
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
988207883de26010f5512c0b5676a5011a31c0035b4b261c40b2ff33853fc7af

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D3B6E00575147F18BB9280D6BBFECF7 Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:58Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
6018
privacy_small.svg
static.criteo.net/flash/icon/ Frame CCF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 04:36:58 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame CCF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 04:36:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CCF8 		308 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 09 Dec 2022 04:36:58 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame CCF8 		507 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Fri, 09 Dec 2022 04:36:58 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame CCF8 		43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=aPpcHh1Mc0b6NeO8ZGL1VOCLTA5wSiiG5K_BfLP4YQSSd_4ASWMAUFUT4lgH2m2kzc7n0X7OMDhpz7dQgB0YDIOG8WWJ8Dj7HWRSus9T_hhRnQQtz5Wx5Dr-Ni78tcad6ZvVBN83MtWWoTyir6aSNPQNcDhLr4j-wrlc2nI3GNa6OjRHX2G98QLjo_HJhXApqK-XJ-cUX2uI5NHkOOvyvhgaHTT7pQd6xMzV0XoON5AJAjMmhncA02NCJusqOVuTqY_X3_4f5vSBWWy3gJiufkVnIwzQdZs3qZ1mlO58D7JCs9MUcvwZr6k-6CA4sZuHmegXY9ag8P5B6SzfrYiM6EpzDY_0eVZ02GToYaDXLXNDnhxXwCv69aeIJda6yhTb6TtLW_maK9zuoShvsYA66LlTX_Dv-KulMqniXm3CDiszRAw8lPRK5juM-nHjW0cB1mvrXw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3592596
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B7B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVnPzqzgdTYHzxNXg0SwCbRWNHv2QPYQ9EktkVF5jux8qFUsIB6r4vBKOmEVVqngG-Rd8U8aATYXKcVJbLJwXDeDgweSSajvU1skCn8Qh9CcJQVWFCzQ6M0v7p_ERWSvM9mYwg2Rp5229JHYuBY6cHklDdGbgumgSw6aAAlZUUTxKG1-bc1yFdY1eMBBGqQxf4Hjh1x1D9fWc2xwh52_dt5rpPkM1vdDpTbBgm8NY4Cs6aU_2eOWpri9hM6W6b9vEyJrO0B7a_rATAzqLrD8_erNdLReHg6kUT3haenTIU21VxfxeMPJe-E1Alds05YFZuqvw&sai=AMfl-YSuzgRR9UgPfuwbio9IPpLWIS0K_pRAOtZfYr7lY1zaPxyisU1WQzNUAFydFLFy_MTpF3t0s-4FG328QhycApZjTb7ojmDyIIuZCsQgj0XIIXE8-fx8NGBbqQ_tyKg&sig=Cg0ArKJSzMkOCG-dM25AEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 14 Dec 2021 04:36:58 GMT
truncated
/ Frame B7B3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c127b3654b7bb187418990565c90c0a5e4d72a1631fcd939034554a9c9ba03db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 80DE 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08cc328b694c445da6f0cced97731c877ff03d25b9ca67e39d39c818025a596c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 02:42:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 04:36:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 04:36:58 GMT
css
fonts.googleapis.com/ Frame 80DE 		3 KB
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 02:37:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 04:36:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 04:36:58 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=143327697936593422563&rev=c0c4269&ss=12&bc=0.488&pr=un&brid=8&bmid=5563&biid=7152&bcud=488&sid=66529&ts=1639456617&unid=0&domain=tinyurl.com&ref=https%253A%252F%252Ftinyurl.com%252F2p9bpte&rr=creative&fid=1&rb=8&g=0&cb=56662
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 8E77 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70aa2e2a8bfbeb45f6a98effbb358f92caf98025cdf02999c647990d73dfa874

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame B7B3 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2F2p9bpte&e=wqT_3QLtBOhtAgAAAwDWAAUBCOm-4I0GEKSYhoq9wpzMAhgAKjYJHVpkO99PzT8Rs7W-SGjLyT8ZAAAAQDMzEUAhsw0SACkRJAAxARu44XrUPzCHgpAHOJwbQJUJSGBQ8Ki_kgFYl9dMYABor-BlePjPBIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ASFfOTgyNDY3X1B1Yl90aW55dXJsLmNvbV8xNjB4NjAwXzLYAgDgAt3CKuoCG2h0dHBzOi8vdGlueXUJKPQgAS8ycDlicHRlgAMAiAMBkAMAmAMXoAMBqgNAEhg1NDAxNjQzNjg1NTk1MDI4MzkzX3NiaWQaEjE4NzAyNDgxMzk3NjU1NDUzMiIJMzA3MjIxNjE2KgVNMTE3M8ADrALIAwDYA9azL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zNy4xMjAuMjA1LjE2NqgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAE8Ki_kgGIBQGYBQCgBam3_tiByp_7SsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfzKRPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAROwEBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLIEQADIB_jPBNIHDQkBNAEBATgI2gcGCSdE4AcA6gcCCADwB7ijKYoIAhAA&s=ce73bf59b5cc8952859f7a6fc8ead829c0277de5&type=nv&nvt=5&jm=1003&px=8&py=357&bw=160&bh=600&sid=3288481211362725850&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14942471&sw=1600&sh=1200&pw=2008&ph=1365&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.207 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e5babdae-7778-409c-a78d-821b813c0ecb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame CCF8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 04:36:58 GMT
img
pix.us.criteo.net/img/ Frame CCF8 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=176&m=0&partner=45125&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F45125%2F211103%2F40e87d691a294fda9756acdfcdc9f254_untitled_design.png&v=3&w=290&s=XzuI9A5VXXxZ0vYilrrYlfdU
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
23ebed6d9518b1cd0d2d4bb3963b2ff7263c0cd2e0df67d35966f12402aebd67

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27703381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20787
expires
Sun, 30 Oct 2022 20:00:00 GMT
all
csm.us.criteo.net/ Frame CCF8 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=ypDr3WIR44VR0I2ls4-QZBn_fbHFOFDt9EXYPvLEXSn8iqzPVoeH4d3f_h1IO6zypOHbGjqNoDfs4DZOZEvp9LBXekILFbmtdnHD6QJiY6iu0JeiorWyhRcsrCF9F3AfwTNwY7ugfAuKONVrhOHxkydulqg_hpg3zLOaxo1pYDOIr9Uxak7QU_NDcYBpIGM9G7lmHPDRwXy_5uzXLTNqXn21vRo_RIv_F1PTOX7wKUURtah7pteFGwyEUgstteM4cdZo6g&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:58 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CCF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 04:36:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CCF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 04:36:58 GMT
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=143327697936593422563&rev=c0c4269&ss=12&bc=0.488&pr=0.3218&brid=8&bmid=5563&biid=7152&bcud=488&sid=66529&ts=1639456617&unid=0&cepos=0&ceid=-1&cb=59363
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
css
fonts.googleapis.com/ Frame 77BE 		2 KB
551 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08cc328b694c445da6f0cced97731c877ff03d25b9ca67e39d39c818025a596c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 02:41:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 04:36:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 04:36:58 GMT
css
fonts.googleapis.com/ Frame 77BE 		3 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 02:43:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 04:36:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 04:36:58 GMT
sce
eb2.3lift.com/ Frame 77BE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Ftinyurl.com%2F2p9bpte&lvl=3&inv_code=sortable_ron_d_inarticle_560x182_btf_header&e=Fixed%20Parent%203
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=45686878758139536281&rev=c0c4269&ss=12&bc=0.482&pr=un&brid=8&bmid=5563&biid=7152&bcud=482&sid=66529&ts=1639456617&unid=0&domain=tinyurl.com&ref=https%253A%252F%252Ftinyurl.com%252F2p9bpte&rr=creative&fid=1&rb=8&g=0&cb=47802
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
analytics.js
s.update.3lift.com/2/596918/ Frame 77BE 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/596918/analytics.js?pv=a15dfd95-9409-4070-ba01-535edb391074&to=3&ai=8&pp=9374&si=38586&sr=12&pc=75573&di=tinyurl.com&md=1&gt=6251999&c1=5563&c2=66529&ti=45686878758139536281&cb=1639456617&dt=5969181520951367361000
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
c645c534749e351800f77559d8d9024693b0366ada340d181e60b25fafa12c30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2849
Expires
0
sync
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://eb2.3lift.com/sync?max=10&cb=88942
  • https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
ac73208a253e42dc0e65f91e6187aa72477631812980ab92f8c33157473d87f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-type
text/html; charset=utf-8
content-length
464
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-length
0
location
/sync?max=10&cb=88942&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubcid.php
hbx.media.net/ Frame 11DE 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Tue, 14 Dec 2021 04:36:58 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 05:06:58 GMT
sync
gum.criteo.com/ Frame 11DE 		61 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1625
strict-transport-security
max-age=86400; preload;
content-length
175
expires
60
cksync.html
contextual.media.net/ Frame 5FFB
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Drkt%26refUrl%3D%26vid%3D94566188272824582187395889...
  • https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188272824582187395889000V10&ovsid=2810316550491447782
219 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188272824582187395889000V10&ovsid=2810316550491447782
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT

Redirect headers

Date
Tue, 14 Dec 2021 04:36:58 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188272824582187395889000V10&ovsid=2810316550491447782
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188272824582187395889000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188272824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188272824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188272824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dcon%26refUr...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=49f84f55d46908e8&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188272824582187395889000V10&ovsid=AAADKa-SkJ8pZANBrjFkAAAAAAA&expiration=1639543019&is_secure=true
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188272824582187395889000V10&ovsid=AAADKa-SkJ8pZANBrjFkAAAAAAA&expiration=1639543019&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188272824582187395889000V10&ovsid=AAADKa-SkJ8pZANBrjFkAAAAAAA&expiration=1639543019&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync
cs.media.net/ Frame 11DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjgyNDU4MjE4NzM5NTg4OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
45 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
104.76.104.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-104-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D9456618827282458218739...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D9456618827282458...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188272824582187395889000V10&ovsid=HyyWwnso1MWZyG5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188272824582187395889000V10&ovsid=HyyWwnso1MWZyG5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-018108fe2d44e5995@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188272824582187395889000V10&ovsid=HyyWwnso1MWZyG5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2d94122b-0a30-49de-8be6-cd19db962651
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2d94122b-0a30-49de-8be6-cd19db962651
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2d94122b-0a30-49de-8be6-cd19db962651
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1052193
content-length
0
expires
Tue, 14 Dec 2021 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D30d8b910-c16a-4918-883e-0929416268...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129&expires=30&ssp=medianet&bsw_param=30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 14 Dec 2021 04:36:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dzem%26refUrl%3D%26vid%3D9456618827282458218739588...
  • https://stags.bluekai.com/site/23178?id=b9_GHIvsEWnZZvHyr0TL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJQEZSXQY3IMFXGOZJ5NVSWI2LBNZSXIJTPOZZWSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDA...
  • https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188272824582187395889000V10&vsid=2824582187395889000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188272824582187395889000V10&vsid=2824582187395889000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188272824582187395889000V10&vsid=2824582187395889000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
197
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2824582187395889000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2824582187395889000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 11DE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
104.76.104.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-104-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 11DE
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Dec 2021 04:36:59 GMT
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cksync.php
contextual.media.net/ Frame 11DE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Damb%26refUrl%3D%26vid%3D94566188272824582187395889000V10%26o...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188272824582187395889000V10&ovsid=8209823937443231387
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188272824582187395889000V10&ovsid=8209823937443231387
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188272824582187395889000V10&ovsid=8209823937443231387
pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pubcid.php
hbx.media.net/ Frame 8AD5 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Tue, 14 Dec 2021 04:36:58 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 05:06:58 GMT
sync
gum.criteo.com/ Frame 8AD5 		61 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1521
strict-transport-security
max-age=86400; preload;
content-length
175
expires
60
cksync
cs.media.net/ Frame 8AD5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjgyNDU4MjE4NzM5NTg4OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
45 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
104.76.104.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-104-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEHbRAXHJdKqOejBhoJlXPIo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 7BFD
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Drkt%26refUrl%3D%26vid%3D94566188552824582187395889...
  • https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188552824582187395889000V10&ovsid=2809753601077611738
219 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188552824582187395889000V10&ovsid=2809753601077611738
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Date
Tue, 14 Dec 2021 04:36:58 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=10&vsid=2824582187395889000V10&type=rkt&refUrl=&vid=94566188552824582187395889000V10&ovsid=2809753601077611738
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5b5a0af2-ec76-465e-b5ab-f0c5e6e56d9b
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5b5a0af2-ec76-465e-b5ab-f0c5e6e56d9b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5b5a0af2-ec76-465e-b5ab-f0c5e6e56d9b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
947044
content-length
0
expires
Tue, 14 Dec 2021 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=30d8b910-c16a-4918-883e-092941626810
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd45977f2-fade-4cc6-bcfc-dc65549e2b04&expires=7&user_group=5&ssp=medianet&bsw_param=30d8b910-c16a-4918-883e-092941626810
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=30d8b910-c16a-4918-883e-092941626810&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 14 Dec 2021 04:36:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2824582187395889000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2824582187395889000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=c849be77-01bc-4b1e-a5f3-2bf64838915c&cs=1
date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 8AD5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
104.76.104.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-104-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 8AD5
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2824582187395889000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Dec 2021 04:36:58 GMT
date
Tue, 14 Dec 2021 04:36:58 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188552824582187395889000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188552824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188552824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=son&refUrl=&vid=94566188552824582187395889000V10&ovsid=aa4c0f8f-82b0-4ac3-939c-236fb5788301
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dcon%26refUr...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=1497d9aa67fb08ea&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188552824582187395889000V10&ovsid=AAADKmV4rrq8UgMKwPs3AAAAAAA&expiration=1639543019&is_secure=true
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188552824582187395889000V10&ovsid=AAADKmV4rrq8UgMKwPs3AAAAAAA&expiration=1639543019&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=con&refUrl=&vid=94566188552824582187395889000V10&ovsid=AAADKmV4rrq8UgMKwPs3AAAAAAA&expiration=1639543019&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D9456618855282458218739...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Ddxu%26refUrl%3D%26vid%3D9456618855282458...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188552824582187395889000V10&ovsid=HyyWwnso1MWZyG5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188552824582187395889000V10&ovsid=HyyWwnso1MWZyG5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:58 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-047b5a41bfc29ef3f@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=dxu&refUrl=&vid=94566188552824582187395889000V10&ovsid=HyyWwnso1MWZyG5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Dzem%26refUrl%3D%26vid%3D9456618855282458218739588...
  • https://stags.bluekai.com/site/23178?id=b9_GHIvsEWnZZvHyr0TL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJQEZSXQY3IMFXGOZJ5NVSWI2LBNZSXIJTPOZZWSZB5MI4V6R2IJF3HGRKXNZNFU5SIPFZDA...
  • https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188552824582187395889000V10&vsid=2824582187395889000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188552824582187395889000V10&vsid=2824582187395889000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=10&ovsid=b9_GHIvsEWnZZvHyr0TL&refUrl=&type=zem&vid=94566188552824582187395889000V10&vsid=2824582187395889000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
197
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 8AD5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2824582187395889000V10%26type%3Damb%26refUrl%3D%26vid%3D94566188552824582187395889000V10%26o...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188552824582187395889000V10&ovsid=8281881531481159323
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188552824582187395889000V10&ovsid=8281881531481159323
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 14 Dec 2021 04:36:59 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=10&vsid=2824582187395889000V10&type=amb&refUrl=&vid=94566188552824582187395889000V10&ovsid=8281881531481159323
pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=45686878758139536281&rev=c0c4269&ss=12&bc=0.482&pr=0.3193&brid=8&bmid=5563&biid=7152&bcud=482&sid=66529&ts=1639456617&unid=0&cepos=0&ceid=-1&cb=95598
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 80DE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinyurl.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:20:29 GMT
x-content-type-options
nosniff
age
602189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 05:20:29 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 80DE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinyurl.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 22:28:21 GMT
x-content-type-options
nosniff
age
194917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 11 Dec 2022 22:28:21 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=196261077476671&ev=Microdata&dl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&rl=&if=false&ts=1639456618892&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL%22%2C%22meta%3Adescription%22%3A%22TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.%22%2C%22meta%3Akeywords%22%3A%22tinyurl%20url%20save%20share%20shorten%20analyze%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639456617298.1113995041&it=1639456617029&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f141:82:face:b00c:0:25de Denver, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 14 Dec 2021 04:36:58 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 77BE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinyurl.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 05:20:29 GMT
x-content-type-options
nosniff
age
602189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 05:20:29 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 77BE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tinyurl.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 22:28:21 GMT
x-content-type-options
nosniff
age
194917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 11 Dec 2022 22:28:21 GMT
truncated
/ Frame 3934 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3934 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
firasans_bold.woff
res-a.akamaihd.net/__media__/fonts/firasans_bold/ Frame 3934 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/firasans_bold/firasans_bold.woff
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.53.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-53-187.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f76726654621b5bf25797f3a07641473a2f723bbcfe6b0984107539b1f8b9a0

Request headers

Referer
https://tinyurl.com/
Origin
https://tinyurl.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:36:59 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-72a4"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29348
xuid
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuid
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP5EaYuZW0Crxd2w3GjOWlU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP5EaYuZW0Crxd2w3GjOWlU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP5EaYuZW0Crxd2w3GjOWlU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6108
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3Mjg0MTk4MDI4MDgyMzMwODk%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3Mjg0MTk4MDI4MDgyMzMwODk%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3Mjg0MTk4MDI4MDgyMzMwODk%3D
date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 6108
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13728419802808233089&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13728419802808233089&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8b0f785-c85b-4864-98fd-2c1a38609d56&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8b0f785-c85b-4864-98fd-2c1a38609d56&_noobservation=1&_expected_cookie=f323cce...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8b0f785-c85b-4864-98fd-2c1a38609d56&_noobservation=1&_expected_cookie=f323cce023f312260dcef8a19761fb67
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6bd4bbfef91bca63-YUL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8b0f785-c85b-4864-98fd-2c1a38609d56&_noobservation=1&_expected_cookie=f323cce023f312260dcef8a19761fb67
date
Tue, 14 Dec 2021 04:36:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6bd4bbfeb8fbca63-YUL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13728419802808233089?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-USCDuFVE2oQu0f4l04NTnwlj37wxRxzUtyyD2izX3w--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-USCDuFVE2oQu0f4l04NTnwlj37wxRxzUtyyD2izX3w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 14 Dec 2021 04:36:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-USCDuFVE2oQu0f4l04NTnwlj37wxRxzUtyyD2izX3w--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=13728419802808233089&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_par...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ad9139607a884a04b5496166466b29c8&ssp=triplelift&bsw_param=30d8b910-c16a-4918-883e-092941626810&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=30d8b910-c16a-4918-883e-092941626810&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=30d8b910-c16a-4918-883e-092941626810&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=30d8b910-c16a-4918-883e-092941626810&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 14 Dec 2021 04:36:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 6108 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13728419802808233089&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
etag
"c4ddde5e69d2d71:0"
last-modified
Fri, 05 Nov 2021 17:20:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D77C1908C53641DC9119BE1D0CB674AF Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 6108
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=13728419802808233089
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13728419802808233089&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13728419802808233089&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DQ7N7277JVP121TSMCVQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13728419802808233089&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=b9_GHIvsEWnZZvHyr0TL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MI4V6R2IJF3HG...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=b9_GHIvsEWnZZvHyr0TL
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=b9_GHIvsEWnZZvHyr0TL
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=b9_GHIvsEWnZZvHyr0TL
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 6108
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3021677166712419995&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3021677166712419995&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=88942&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3021677166712419995&dongle=d407
pragma
no-cache
date
Tue, 14 Dec 2021 04:36:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
view
securepubads.g.doubleclick.net/pcs/ Frame 80DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst200PHG2gC-Tfh8S2O-vAZzjte2iG4cRTiMloGH1hw9Z1zxoOMPxkzW06XfByo64z5SUamX0zrg25NQBf8wNja_kE7toyZLhCBvcgzQrTYevibfb-U29kSnqBrfRaFX5dk-4_UP6-Uj1gx_5AlWd7Df0Ntm5ALnkhhkNF3qgVaXpabp42SxyVO5Z_hgIdbznQ4GIO9TjUBazhabme9OffADLG5fUmxI_EufBDNT8XlTk8KzEcp4iCoj2vHddzAtYLj4UcH9G2gCzt2hnV5ivtu1X66_s08h99k9rHg-BggYHR5lq8vmrJhDw7aLodMYcXm&sai=AMfl-YS_u7HyLjkeuOiu28Js0F9pZNwr3J1bm-Kajam_tN0il9edwt54tDnRiKHPpSaSNcPP-RTEso08mCh1Oap9XN4fB_kX2UGKZ1_owsjamM1G4op59AyRE-5VmtCxE2o&sig=Cg0ArKJSzIFpwlrsPf-BEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 14 Dec 2021 04:36:59 GMT
log
c21lg-d.media.net/ Frame 8AD5 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=cde8d3c8-1a0e-4d51-bdce-6c878396e2b6&cs=15&vsid=2824582187395889000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 14 Dec 2021 04:36:59 GMT
log
c21lg-d.media.net/ Frame 11DE 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=cde8d3c8-1a0e-4d51-bdce-6c878396e2b6&cs=15&vsid=2824582187395889000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUUKO538&prvid=2033%2C175%2C132%2C178%2C3018%2C214%2C3015%2C3014%2C238%2C97%2C99%2C77%2C59%2C38%2C182%2C184%2C141%2C241%2C188%2C222%2C201%2C4%2C246%2C147%2C225%2C203%2C80%2C10000%2C9%2C229%2C307%2C208&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 14 Dec 2021 04:36:59 GMT
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?oz_pl=1&to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&_x=1
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=a15dfd95-9409-4070-ba01-535edb391074&to=3&ai=8&pp=9374&si=38586&sr=12&pc=75573&di=tinyurl.com&md=1&gt=6251999&c1=5563&c2=66529&ti=45686878758139536281&cb=1639456617&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.3lift.com/2/2.43.1/ Frame 77BE 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/main.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
bfa12779f481d024004ac40f96aa837e671f2b6362ca6b3b84f6edf061825e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:36:58 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
48454
Expires
Fri, 22 Aug 2053 05:29:40 GMT
bql.php
lg3.media.net/ Frame 3934 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&&vgd_l2type=sca&v=1&gdpr=0&geo=45.5%7C-73.57&dlper=20&lper=100&lpid=&tsid=2&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170785125&bca=0&ugd=4&vgd_chost=&vgd_fcic=0&vgde_setid=Nff&ksu=224&fdkt=331&kwd[]=Vinegar+for+Hair+Loss&kwt[]=331&kbc[]=global&kwp[]=1&kid[]=179220691&kbc2[]=rps%3D3.20%7C%7Cps%3D0.251%7C%7Crpc%3D0.82%7C%7Clvl%3D4.17&ktd[]=274911592704&ktrkt[]=Vinegar+for+Hair+Loss&kwd[]=Older+Women+Trendy+Dresses&kwt[]=331&kbc[]=global&kwp[]=2&kid[]=324945343&kbc2[]=rps%3D1.96%7C%7Cps%3D0.251%7C%7Crpc%3D0.48%7C%7Clvl%3D3.77&ktd[]=274911592704&ktrkt[]=Older+Women+Trendy+Dresses&kwd[]=Best+Exercise+to+Lose+Belly+Fat&kwt[]=331&kbc[]=global&kwp[]=3&kid[]=48849903&kbc2[]=rps%3D1.60%7C%7Cps%3D0.251%7C%7Crpc%3D0.56%7C%7Clvl%3D3.57&ktd[]=274911592704&ktrkt[]=Best+Exercise+to+Lose+Belly+Fat&kwd[]=Emergency+Money+Assistance&kwt[]=331&kbc[]=global&kwp[]=4&kid[]=312650877&kbc2[]=rps%3D3.41%7C%7Cps%3D0.251%7C%7Crpc%3D0.82%7C%7Clvl%3D3.58&ktd[]=274911592704&ktrkt[]=Emergency+Money+Assistance&kwd[]=Best+Clothes+for+Older+Women&kwt[]=331&kbc[]=global&kwp[]=5&kid[]=329893240&kbc2[]=rps%3D3.03%7C%7Cps%3D0.251%7C%7Crpc%3D0.86%7C%7Clvl%3D4.17&ktd[]=274894815488&ktrkt[]=Best+Clothes+for+Older+Women&kwd[]=10+Stocks+to+Buy+Right+Now&kwt[]=331&kbc[]=global&kwp[]=6&kid[]=324953715&kbc2[]=rps%3D2.66%7C%7Cps%3D0.251%7C%7Crpc%3D0.61%7C%7Clvl%3D3.76&ktd[]=274894815488&ktrkt[]=10+Stocks+to+Buy+Right+Now&cid=8CUY5V96Y&vwid=1639456618828265929&vi=1639456618828265929&tdAdd[]=ib%3D0&vsid=2824582187395889000V10&kbbq=asn%3D9009%26&tdAdd[]=asnum%3D9009&vgd_l3_sc=qc&vgd_hb_audit_1=8CUUKO538&vgd_hb_audit_2=512816723&vgd_katid=808057712&vgd_katbid=-21&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785125&vgd_nrrv=2109&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=montreal&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1639456618112652881&sttm=1639456618491&upk=1639456618.29368&hvsid=00001639456618491006286739582512&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=196&lineitemid=4&vgd_ecrid=307221616&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POA28U6L&&abpl=2&&vgd_vstrid=2824582187395889000V10&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.fi~e8QMQOvAAH~ONfvu~QNOv%20N~ejfLMQOvf9fuufuH99~8xLjMGvuWHW.W~xLjM7UNv9~Q7OvuHiHfHhu~j1Q7v~e8QMxLjMGv9.Wf~8EvZ-ga5~kGGv9~e8QMxLjMjvA9~L88Ex1v9%2C9~J7vfA~LNvf%2CA~LEQMQOvf9fuufuAfA~e8QMGvhff.AA~xLjMGv9.XH~xLjM7e8v9~JNEMJJLvuH.WA~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.fi~GYvu~Q8OvA1HuW11fW1ikuAO91H1kGFFhFkhkhHOk~QOv9~x8OvfV11CFre%20yTUm-JHxt~G7OvAWWWihfAAfHHhHiW9hFFffFAHFfffWFAXXfXfiWHfWWXif9FifXHXHXXXfAFf9hhHfuXFW~AENkvu999.ih~x8Yv9~exLjMGvu.9f~QQvIK~x8Bvou~NJv9~LEQMGvu9f.Hi~exLjMjvA9~%3DVvfFfi~z7Qvu~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.iW~8Q8kv9~jNvu~G8Ov9.fi~ONvW~ejfLMGvA.Wf~8exLjMjvA9~QxEEj5M71yM8OvuHiHfHhu~e8JB1G8j875v9.HWfAiA~NGOEv9.ffi~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJ1Q7MQN~-8OvAHWH~LJkMNz7vu~O1jyvxz8Qmz~Gkj1yv9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.999~myG8Ov9.fi9~QJjjJLM71yM8OvuHiHfHhu~N1LL8JLVOv9~ONx7vf9~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvuF9-F99~GQGvX~GQEv9~7Y-vFh&vgd_optout=0&vgd_cfud=210510&vgd_scsver=107&vgd_l2ch=0&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001639456618491006286739582512&subBdr=196&bdrid=4&fp=e_p-YRn-lqa06T_ksmpDPbbTOfFUP2Ih5s6uOhR9l79a9X-tZnZBNg3gbGTshNUDVBdqlXc_eUOvAJDKmHBm-LvLFqmhtaBOXutTr5LrA5jOd2HCi97VeBFSiOJHY2tcqaQpHMWjMWg%3D&cme=pR2r0LnMEdhGAZQTDFQNFEdnHezPNP53e0uy9z6AFnS5te4iw5Vcv7fU857ERYQjqkiX7EmbaAot_BaCyrfX8QYo2OmOURdGi4TZ_bSJHmeCjiIp_xP8GNWjNNlk_uLxRPw9MikJpYMQoEyS_RAnI7SCB49encXBz2wf6fi-qbRDmqHve6Ey_m2_FvpnnxUVy6TXGa1od_A76TAHuh10aQ%3D%3D%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAcsw5otxGIE7cKt4Kuzck3-%7C1o6OFOzSGkAah3D7LtWnWB6K30dZ9llS%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7Ca0AmFUYXmD5FiATULhOaKtEu1IhihVMNxXPh_A_drF5DCVBwLZ-kQw%3D%3D%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7ChiOyMSK_byVjxO97yMyTOfm-I3uMm9-Tn6tRDNaDM3tZNBwJ0M-r8t3L4yoTI8mfFssmqhv6T7Es0rnEFMHyKOOy5_p3R86XyigvZwhtNQqjEUB80J9e2W4TngCGquK6uoNLxVGQWTD_oxV911zx9Bz372eq65zlklggBFIZJPNYxYUJ3oZeObV_kxNrx0E7cYMYVTyJara7U1hXfDX0uGCYcaa-pc0M%7CECZQquDAdXO219s_zvdUcg%3D%3D%7C&rc=0&rand=1639456618992&acid=5401643685595028393_187024813976554532&matm=1639456618992&requrl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&vgd_x_pos=8&vgd_y_pos=357&vgd_ren_page_h=1365&vgd_ltime=815&vgd_ltimesrc=1&vgd_l1hcsd=N4%7C8184&vgd_l1ch=1&vgd_lhl=2926&vgd_pgid=p1161148993t202112140436&vgd_kals=ttype%3D10018%7C%7Cpc%3D16%7C%7Cfat%3D1&vgd_kalog=CI%3D2565%7C%7CHID%3D0%7C%7CSI%3D371%7C%7CSID%3D8%7C%7CUUID%3D2IakUoCuP0mJNoVavq%7C%7CMPTD%3D640%7C%7CTPTD%3D2473918141444&vgd_csip=rtb-appnexus-5c798bb85d-kdvzh.SC&vgd_sbSup=1&vgd_nrrs=2109&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F1966186%2C34718310%2FPub_tinyurl.com_160x600_2_0__container__%7CDIV-Sortable_Left_Sidebar_0&oRurl=adomain%3Dhttps%253A%252F%252Frelated.advancesimple.com%26adt1%3D8CUUKO538%26adt2%3D512816723%26bdrId%3D4%26cb%3Dwindow._mNDetails.initAd%26cc%3DCA%26chnm%3DHARMONY%26cid%3D8CUY5V96Y%26cpcd%3DYtj1ljGO9ng8CmfP49ZQxg%253D%253D%26crid%3D732190595%26gdpr%3D0%26https%3D1%26katbid%3D-21%26katid%3D808057712%26katpre%3D1%26kttle%3DTinyURL.com%2B-%2Bshorten%2Bthat%2Blong%2BURL%2Binto%2Ba%2Btiny%2BURL%26lw%3D1%26matchstring%3Dhr%253D0%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8POA28U6L%26requrl%3Dhttps%253A%252F%252Ftinyurl.com%252F2p9bpte%26sc%3DQC%26size%3D160x600%26tpid%3DTLV4737%26ugd%3D4%26vif%3D1&vgd_end=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.6.25.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-6-25-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Tue, 14 Dec 2021 04:36:59 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 14 Dec 2021 04:36:59 GMT
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?oz_pl=1&to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&_x=1
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=a15dfd95-9409-4070-ba01-535edb391074&to=3&ai=8&pp=9374&si=38586&sr=12&pc=75573&di=tinyurl.com&md=1&gt=6251999&c1=5563&c2=66529&ti=45686878758139536281&cb=1639456617&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456619183&oz_l=132&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame 30DB 		28 B
28 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456619336&oz_l=4181&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 77BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWGUu-noNPUTiX1XSJbP45MjwgPrGca9QG6uiRrLKzLpiQRwFL_HDM0G2ljHt19C6Ir9rVoZD_vxOvaCCTFkQDqZt42o6vGpusnJ_z92_RSCvdL8DvV_9SskGnzmW93VLao6w2BIR6p4EZS_N3vu1OTUkbmGF7Qwu461C7HjfuchwvLPfnywEK0jMCj4-wqdYOanfCKhiSXwRDDkai-5CJsWpI51Nx5DGpvqcaeJfvLdLkxDIRVUpVKHoDVozu1aNhdI_ER7mTFA9KiTgk2LrzXcep7ZT_4CTt5ArDZnO5li7KmvyPrHp6vPH-6Ss9g2fSwg&sai=AMfl-YSPTXsmZe8grdsacLl-EmL2HJtBhn0xxS0LD4tapOdhW0wJlfBK3PkzoHJ18jPCKhrsuzHZcGeB3zWfBXRSq-ZXzF_HFON84jn-FgBleSgt5RWjUiOp0A3aVKu32GDR&sig=Cg0ArKJSzEbEg7Z0bVbvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:36:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 14 Dec 2021 04:36:59 GMT
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456619517&oz_l=25416&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
log
hblg.media.net/ Frame B7B3 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&prvAccId=732190595&ckfl=0&lper=1&mx_tgs=160x600&cbdp=0.229&mx_nsz=1&spSource=0&insl=0&vid=5401643685595028393&pvdTmax=67&s_city=secaucus&ltime=32.0&ugd=4&epc=732190595&prvReqId=72039266542720_337669328_512816723141&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&zip=L4S+1R9&app=0&ctr=-1.0&exid=31&spFst=0&mx_TAF=2&mx_GCID=0&cliIPType=v4&device_id=4&pexid=APPNEXUS-982467&ae=false&ybnca_erpm=0.29&brsrclk=0&mx_UCC=5&sbdrid=196&prspt=headerBid&concat%3C%3E=IAB19-18&rtttime=48&usp_status=0&seat=BID_API&apTags%3C%3E=75&mx_PC=1&og_cbdp=0.290&size=160x600&wsip=mowx-low-5746f84c46-lrk2v&mx_TAS=1&currsrc_date=2021-12-10+00%3A00%3A00&mx_gpid_sent=false&xtmax=105&commit_id=f85ea6eb&scrid=307221616&mx_SPRIG=2&viewability=48&mx_divid=14942471&be=0&rtime=24.0&adj0=0.0&tmax=150&s_ip=204.13.193.71&adj2=0.0&adj1=0.0&geoll=false&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&debug_ts=2021-12-14+04%3A36%3A57&reqid=5401643685595028393&sc=ON&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&mowxReqId=5401643685595028393_187024813976554532_3&currsrc=NEXUS&fpusp=false&requrl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&mnrfc=1&bidrestime=1639456617469&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CUY5V96Y-732190595-51-21&moau=true&coppa_enf=false&ocurr=USD&is_rewarded=false&devmodel=Unknown&bdp=0.290&stagid=14942471&ct=Richmond+Hill&spIsReq=3&s=1&snm=SUCCESS&abs=0%7C0%7Cxtmax%3D105%7Cbflag%3D0%7CHARMONY%7Cbrr%3D1&mx_IAB2=2&mx_epbc=8CUY5V96Y&mx_ssBucket=0&vls=0&usp_enf=1&bidflr=0.000&mang=1&mx_isLossNtf=false&coppa_status=N&advUrl=https%3A%2F%2Frelated.advancesimple.com&dn=tinyurl.com&pid=8PR113JGC&spTo=3&dt=O&acid=5401643685595028393_187024813976554532&actltime=33&act=headerBid&ecp=4.3&pvid=4&iframingState=0&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_lr_seg_deal=0&dfpBd=0.229&sckfl=0&dmm_erpm=true&mx_lr=0&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&smbrid=3484&bfs=103&rfc=1&gdpr=0&prvApiId=8CUY5V96Y&dmm_ogerpm=false&epcexp=false&pubid=pub-appnexus-network&csip=rtb-appnexus-5c798bb85d-kdvzh.SC&mx_bsProfile=0&mx_bsBucket=5&cid=8CUUKO538&bcrid=307221616&mx_aurt=0&omul=1.0&spIvt=3&dsid=14942471&apPrfs%3C%3E=39%23%2340%23%2313&ptype=23&vertical=0&chnl=HARMONY&smsrc=1&pst=0&acsn=1&reqsize=160x600&dtc=east_sc&adpos=0&mx_aqcpl_crid=4&ogbdp=0.29&tpbTkn=false&fpuReq=1&itype=APPNEXUS&vcmplrt=-1.0&mx_g_one_uid_sent=None&crid=512816723&geo_source=0&sat=1&mnet_ckfl=0&spCst=0&tgtval=pub-appnexus-network&dfpDiv=14942471&__expireat=1639457217726&opbidflr=0.000&reftype=0&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.29~vis_sd%3D334~dc2%3D1~scd%3Dqc~vl2r_sd%3D2021121400~iurl_b%3D1848.8~url_tkc%3D0~std%3D14942471~last%3D~vis_url_b%3D0.82~ip%3DGxQOy~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D23~rc%3D2%2C3~rps_sd%3D2021121323~vis_b%3D722.33~url_b%3D0.54~url_tvi%3D0~ecp_eer%3D14.83~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.29~bm%3D1~sid%3D3a418aa28a9f13d0a4afb6676f7f74df~sd%3D0~uid%3D2IaaK6DvqgLkoxe4uX~btd%3D3888972332447498076622634622286355252984288592069254545552362077421568~3pcf%3D1000.97~uim%3D0~vurl_b%3D1.02~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D102.49~vurl_l%3D30~CI%3D2629~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.98~isif%3D0~lc%3D1~bid%3D0.29~dc%3D8~vl2r_b%3D3.82~ivurl_l%3D30~supply_tag_id%3D14942471%7Eviewability%3D0.482393%7Ecbdp%3D0.229%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deast_sc%7Exid%3D3484%7Eref_cnt%3D1%7Edalg%3Dunison%7Ebflag%3D0%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.290%7Eseller_tag_id%3D14942471%7EcarrierId%3D0%7Edcut%3D20%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D160x600~bsb%3D5~bsp%3D0~tmx%3D67&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.104.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-104-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 14 Dec 2021 04:36:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E77 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJXEFuNTfDhUGJLILoC6Odg0_uCPYB52YnrSfuf3cc1mcrTcTCLn8OvSw_ZrNvlRc6V0z3qj9qMG3bJSkrUJUW&sig=Cg0ArKJSzNmWbYYbAYGBEAE&id=lidar2&mcvt=1000&p=123,523,213,1251&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=236599969&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639456618204&rpt=416&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456619676&oz_l=1948&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame B7B3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSyrthbOnNzPB9XpQyqQKq9NvsXadX7ZSMbrYu3zklA3-93aGNxcnjfRRVnH86ny0cjyhCVjDpVoWOveeBzusEmdMXq_uppwSgHsJDVxXGLLyPpJ3k&sig=Cg0ArKJSzOWqNvMsUa2nEAE&id=lidar2&mcvt=1000&p=357,8,957,168&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3373584571&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639456618167&rpt=493&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:36:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame B7B3 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2F2p9bpte&e=wqT_3QLtBOhtAgAAAwDWAAUBCOm-4I0GEKSYhoq9wpzMAhgAKjYJHVpkO99PzT8Rs7W-SGjLyT8ZAAAAQDMzEUAhsw0SACkRJAAxARu44XrUPzCHgpAHOJwbQJUJSGBQ8Ki_kgFYl9dMYABor-BlePjPBIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ASFfOTgyNDY3X1B1Yl90aW55dXJsLmNvbV8xNjB4NjAwXzLYAgDgAt3CKuoCG2h0dHBzOi8vdGlueXUJKPQgAS8ycDlicHRlgAMAiAMBkAMAmAMXoAMBqgNAEhg1NDAxNjQzNjg1NTk1MDI4MzkzX3NiaWQaEjE4NzAyNDgxMzk3NjU1NDUzMiIJMzA3MjIxNjE2KgVNMTE3M8ADrALIAwDYA9azL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zNy4xMjAuMjA1LjE2NqgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAE8Ki_kgGIBQGYBQCgBam3_tiByp_7SsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfzKRPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAROwEBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLIEQADIB_jPBNIHDQkBNAEBATgI2gcGCSdE4AcA6gcCCADwB7ijKYoIAhAA&s=ce73bf59b5cc8952859f7a6fc8ead829c0277de5&type=pv&jm=1003|1030&px=8&py=357&bw=160&bh=600&sf=1&sid=3288481211362725850&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14942471&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.207 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:36:59 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f29d2ce9-2379-435b-a947-a3a4a91a85b5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456619856&oz_l=1808&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:36:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
all
csm.us.criteo.net/ Frame CCF8 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=ypDr3WIR44VR0I2ls4-QZBn_fbHFOFDt9EXYPvLEXSn8iqzPVoeH4d3f_h1IO6zypOHbGjqNoDfs4DZOZEvp9LBXekILFbmtdnHD6QJiY6iu0JeiorWyhRcsrCF9F3AfwTNwY7ugfAuKONVrhOHxkydulqg_hpg3zLOaxo1pYDOIr9Uxak7QU_NDcYBpIGM9G7lmHPDRwXy_5uzXLTNqXn21vRo_RIv_F1PTOX7wKUURtah7pteFGwyEUgstteM4cdZo6g&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YbgfaQAMaVgK4fgPAAoay7aco6bnxkHo5tWUDA&u=%7CTt9duWXTT%2F%2FaJ9CzoGdAyK6Z4yZleJCdSqiWTN%2BfAMk%3D%7C&c1=dDii2Nn9wDcwOyCpa0WAdHQFyEvQJJZi7qN67jqQ4kYGiU-D9T3TH045xTTYiobc3pCe8O8DM-7-LWn8bbm-WClxjFuQBUmmyCLOpjdc1jUtcffXgdqzWo7hoJY2EhMM0LjpC1IdtfsSl-_17ANDFtC9x1DCeNXa51TOxQz9SyHaCb0McLh7uXpBIqo97TiJowskw7Qyh83_wyFSZjThlCS0R-ICJPRf58jg_jIdRUchtJ2j1bYgJUrVerqrGGv9BZd9yQ8cVTL_HuJaqt5Ex0K0hSDZU_wUyB4Zi7LQT5YS5KaOFUX2Qby1gRIvBgjq7xBsLMDV9XU_Z3yL9OevlNxxFmM8URX15vz2aXD1FeloOeCivCRx8y4uCfkebEG4itG8v2TbRfnjCaD3QTnrcj0BJd5jPH2-a3nIPnruxG4pmBD-LvZ_BHvsbKtvygoa6wYUcIYN-Cge8QGaoBnzUp1JEMK3BUlGA8TJNzj9FtdJdDDJgPnIJXOpRhtMV0cYapey25R4864&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7fzaaR-4YdjSMY_whwfLtajoA5yB77BcosqnqnTAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzE1MzA2NTIzMDE1MzI4MaABrN3-6APIAQngAgCoAwGqBPIBT9BW6wuKzQizKjM8Ac-DYHryFuv03xj46czoAY3GNbZoYDMm2VMi3-mTbRMHeNTiFkahbm-d1Cn9m5TageaUrq7wx2Hncm_1bkioDR0mj_EZ8ZREz7VPgDXDKFl2MNRNJSKEXORd5mf7-0Yz99BexzPvJFk5dDtSXEKJ4JitqNPsiKVtD81ccovYNytww48jiqfGSizoW4KEsm1IxsfMVT0VbiySBdj8VXINg-CJzGivrY1HRyNxypw4P3L32UUfEPUv9QRNv99HtprRRjEeSCjDyZp3lOywCMyxqWwyqc-X1sz6Ow04VDigZZvRbs8pcm7gBAGABv-x6qqg2rW1I6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAfIIG2FkeC1zdWJzeW4tNDcyNzUwMzYxMjEyMzY2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0lamJV6A64JaDE9WlSct1E4_sUXQ%26client%3Dca-pub-3153065230153281%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:36:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=sortable_ron_d_inarticle_560x182_btf_header&aid=45686878758139536281&rev=c0c4269&ss=12&bc=0.482&pr=0.3193&brid=8&bmid=5563&biid=7152&bcud=482&sid=66529&ts=1639456617&unid=0&cepos=0&ceid=-1&cb=50638
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
c.gif
www.bing.com/aes/
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=376360&auId=1a8b1e83-a622-46d5-8c12-9c069c28650b&publisherName=gevcyryvsg&rId=83243ca6-fb7f-4880-a715-ffb40c6022fd&rlink=https%3A%2F%2Fwww.bing...
  • https://www.bing.com/aes/c.gif?type=mv&tids=2&rg=20b570b18664483e866f0bf1b6937c35&reqver=1.0&med=10
0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&tids=2&rg=20b570b18664483e866f0bf1b6937c35&reqver=1.0&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:36:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5D800CDF6F864EF5BCA5AE4F9D761A11 Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:59Z
content-length
0
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 85EF2D12AA374F26AC1DF812F40A4D8C Ref B: YMQ01EDGE0517 Ref C: 2021-12-14T04:36:59Z
date
Tue, 14 Dec 2021 04:36:59 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&tids=2&rg=20b570b18664483e866f0bf1b6937c35&reqver=1.0&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:37:00 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
bqi.php
lg3.media.net/ Frame B7B3 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_hb_audit_1=8CUUKO538&vgd_hb_audit_2=512816723&vgd_l2type=sca&kata=aton&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808057712&kals=ttype%3D10018%7C%7Cpc%3D16%7C%7Cfat%3D1&cme=pR2r0LnMEdhGAZQTDFQNFEdnHezPNP53e0uy9z6AFnS5te4iw5Vcv7fU857ERYQjqkiX7EmbaAot_BaCyrfX8QYo2OmOURdGi4TZ_bSJHmeCjiIp_xP8GNWjNNlk_uLxRPw9MikJpYMQoEyS_RAnI7SCB49encXBz2wf6fi-qbRDmqHve6Ey_m2_FvpnnxUVy6TXGa1od_A76TAHuh10aQ==||dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|u8A6SM53vAcsw5otxGIE7cKt4Kuzck3-|1o6OFOzSGkAah3D7LtWnWB6K30dZ9llS|gNTUc7MBYV04UVzmztpDDQ==|a0AmFUYXmD5FiATULhOaKtEu1IhihVMNxXPh_A_drF5DCVBwLZ-kQw==|MhSffBRfuCOyCp4u_bjS9Q==|hiOyMSK_byVjxO97yMyTOfm-I3uMm9-Tn6tRDNaDM3tZNBwJ0M-r8t3L4yoTI8mfFssmqhv6T7Es0rnEFMHyKOOy5_p3R86XyigvZwhtNQqjEUB80J9e2W4TngCGquK6uoNLxVGQWTD_oxV911zx9Bz372eq65zlklggBFIZJPNYxYUJ3oZeObV_kxNrx0E7cYMYVTyJara7U1hXfDX0uGCYcaa-pc0M|ECZQquDAdXO219s_zvdUcg==|&gdpr=0&prid=8PRVCXX19&cid=8CUY5V96Y&crid=732190595&requrl=https%3A%2F%2Ftinyurl.com%2F2p9bpte&vi=1639456618828265929&ugd=4&cc=CA&sc=QC&bdrid=4&subBdr=196&startTime=1639456618482&l2type=sca&vgd_l1rakh=1639456618112652881&l1ch=1&kapc=16&kalog=CI%3D2565%7C%7CHID%3D0%7C%7CSI%3D371%7C%7CSID%3D8%7C%7CUUID%3D2IakUoCuP0mJNoVavq%7C%7CMPTD%3D640%7C%7CTPTD%3D2473918141444&sttm=1639456618491&upk=1639456618.29368&hvsid=00001639456618491006286739582512&acid=5401643685595028393_187024813976554532&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.29~vis_sd%3D334~dc2%3D1~scd%3Dqc~vl2r_sd%3D2021121400~iurl_b%3D1848.8~url_tkc%3D0~std%3D14942471~last%3D~vis_url_b%3D0.82~ip%3DGxQOy~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D23~rc%3D2%2C3~rps_sd%3D2021121323~vis_b%3D722.33~url_b%3D0.54~url_tvi%3D0~ecp_eer%3D14.83~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.29~bm%3D1~sid%3D3a418aa28a9f13d0a4afb6676f7f74df~sd%3D0~uid%3D2IaaK6DvqgLkoxe4uX~btd%3D3888972332447498076622634622286355252984288592069254545552362077421568~3pcf%3D1000.97~uim%3D0~vurl_b%3D1.02~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D102.49~vurl_l%3D30~CI%3D2629~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.98~isif%3D0~lc%3D1~bid%3D0.29~dc%3D8~vl2r_b%3D3.82~ivurl_l%3D30~supply_tag_id%3D14942471%7Eviewability%3D0.482393%7Ecbdp%3D0.229%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deast_sc%7Exid%3D3484%7Eref_cnt%3D1%7Edalg%3Dunison%7Ebflag%3D0%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.290%7Eseller_tag_id%3D14942471%7EcarrierId%3D0%7Edcut%3D20%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D160x600~bsb%3D5~bsp%3D0~tmx%3D67&matchstring=hr%3D0&vgd_matchstr=hr%3D0&vgd_sc=QC&lineitemid=4&infr=1&stime=1639456618285&vgd_ecrid=307221616&l1hcsd=l1!N4|8184&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&vgd_fcm_enc_mis=1&l2ch=0&pid=8POA28U6L&vgd_pgid=p1161148993t202112140436&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.6.25.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-6-25-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Tue, 14 Dec 2021 04:37:00 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 14 Dec 2021 04:37:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 77BE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoOG0bK4RY_rcUFWrpH2Yy5GpHi0HviEONEXZgjv7w5mdMqUhsVDsUOpTYM8gRVZZVazjFBea9BJBxZCV4phERfHZje0weVs7-W5wHNGIt-UuqNZRf&sig=Cg0ArKJSzChWbKlOge2gEAE&id=lidar2&mcvt=1000&p=950,0,1132,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3563311070&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639456618356&rpt=1036&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:37:00 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 04:37:00 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
index.html
cdn.districtm.io/ids/ Frame 2E2C 		116 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
content-type
text/html
cf-ray
6bd4bc079f8bca6f-YUL
age
29953
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 3eeb9ac01b4c92ab526796225ec46218.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
Vxo_6S2Bw-LZou3p6g2o3oPKNoMat-b33LZ4RT1TXS5_6yP4zw3OGA==
x-amz-cf-pop
YUL62-C1
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A747 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 14 Dec 2021 04:37:00 GMT
Age
19177957
X-Served-By
cache-lga21960-LGA, cache-yul12822-YUL
X-Cache
HIT, HIT
X-Cache-Hits
263, 892217
X-Timer
S1639456621.753390,VS0,VE0
Vary
Accept-Encoding
/
de.tynt.com/deb/ Frame E68E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
77515ec281dd97534008974c2b90d521af01e71443d7152b35958ba6a6e8fd95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1333
date
Tue, 14 Dec 2021 04:37:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Tue, 14 Dec 2021 04:37:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
de.tynt.com/deb/ Frame B310
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
84228c9af7c7e395f2bda0f50c45c07a9c8518dbbf70975fbcbc6fb664c494c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1333
date
Tue, 14 Dec 2021 04:37:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Tue, 14 Dec 2021 04:37:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
index.html
cdn.districtm.io/ids/ Frame B27F 		116 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
content-type
text/html
cf-ray
6bd4bc079f8aca6f-YUL
age
29953
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 e9a168a45c0ab7eaab33378bf01e941d.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
7zmguFff7h2cxCzp2DN6c3Ib4FstnnI4unMrZcJaMm0x6_OwfxjQGQ==
x-amz-cf-pop
YUL62-C1
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
sync
eb2.3lift.com/ Frame 1BD9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
3b8193e57e668cfc2d8d149b432ca8fc4a332ee72768e391f98428b28547f32d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
content-type
text/html; charset=utf-8
content-length
382
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
sync
eb2.3lift.com/ Frame 87D9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
3b8193e57e668cfc2d8d149b432ca8fc4a332ee72768e391f98428b28547f32d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
content-type
text/html; charset=utf-8
content-length
382
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 882B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 12 Dec 2021 02:31:41 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 14 Dec 2021 04:37:00 GMT
Age
7516
X-Served-By
cache-lga21940-LGA, cache-yul12826-YUL
X-Cache
HIT, HIT
X-Cache-Hits
1, 58994
X-Timer
S1639456621.762293,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F24D 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 14 Dec 2021 04:37:00 GMT
Age
19177958
X-Served-By
cache-lga21960-LGA, cache-yul12827-YUL
X-Cache
HIT, HIT
X-Cache-Hits
263, 163981
X-Timer
S1639456621.765713,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9808 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/2p9bpte
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 12 Dec 2021 02:31:41 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 14 Dec 2021 04:37:00 GMT
Age
7516
X-Served-By
cache-lga21940-LGA, cache-yul12822-YUL
X-Cache
HIT, HIT
X-Cache-Hits
1, 61051
X-Timer
S1639456621.765612,VS0,VE0
Vary
Accept-Encoding
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=aa4c0f8f-82b0-4ac3-939c-236fb5788301&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ekNJdTVfc2JNcHhfM3R0cUtTN1h4Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMtwG6dYEuTDFUS62_qMnMY&google_cver=1
49 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMtwG6dYEuTDFUS62_qMnMY&google_cver=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-685df6f7b9-qjhv5
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMtwG6dYEuTDFUS62_qMnMY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VRZN
c.deployads.com/cs/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58423/occ
  • https://c.deployads.com/cs/VRZN?b=y-NtUjkt9E2uECDC8FAbnSc43jLRmi7ZPCjxeB6qE-~A
43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/VRZN?b=y-NtUjkt9E2uECDC8FAbnSc43jLRmi7ZPCjxeB6qE-~A
Protocol
H2
Server
44.193.114.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-114-165.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://c.deployads.com/cs/VRZN?b=y-NtUjkt9E2uECDC8FAbnSc43jLRmi7ZPCjxeB6qE-~A
date
Tue, 14 Dec 2021 04:37:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9cd361b8-1f6b-4b00-8261-cada33dbe129
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9cd361b8-1f6b-4b00-8261-cada33dbe129
Protocol
HTTP/1.1
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 14 Dec 2021 04:37:00 GMT
Server
MT3 4133 baa842e master iad-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9cd361b8-1f6b-4b00-8261-cada33dbe129
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Dec 2021 04:36:59 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316550491447782
49 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316550491447782
Protocol
HTTP/1.1
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316550491447782
Date
Tue, 14 Dec 2021 04:37:00 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
NXST
c.deployads.com/cs/
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=615&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24userId%24%24
  • https://c.deployads.com/cs/NXST?b=BKiqwpyM4tY
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=BKiqwpyM4tY
Protocol
H2
Server
44.193.114.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-114-165.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 14 Dec 2021 04:37:00 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=BKiqwpyM4tY
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
sync
sync.bfmio.com/
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=126
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Protocol
HTTP/1.1
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 14 Dec 2021 04:37:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
PULS
c.deployads.com/cs/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562041&ev=1&rurl=https%3A%2F%2Fc.deployads.com%2Fcs%2FPULS%3Fb%3D%%VGUID%%
  • https://c.deployads.com/cs/PULS?b=xmn300wy4v3U&ev=1&pid=562041
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/PULS?b=xmn300wy4v3U&ev=1&pid=562041
Protocol
H2
Server
44.193.114.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-114-165.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://c.deployads.com/cs/PULS?b=xmn300wy4v3U&ev=1&pid=562041
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-685df6f7b9-qjhv5
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=30d8b910-c16a-4918-883e-092941626810&google_hm=MzBkOGI5MTAtYzE2YS00OTE4LTg4M2UtMDkyOTQxNjI2ODEw
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHWWfaOS1ygR1j5OjPZANBs&google_cver=1&ssp=sonobi&bsw_param=30d8b910-c16a-4918-883e-092941626810
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=30d8b910-c16a-4918-883e-092941626810
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=30d8b910-c16a-4918-883e-092941626810
Protocol
HTTP/1.1
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=30d8b910-c16a-4918-883e-092941626810
Date
Tue, 14 Dec 2021 04:37:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&pubid=fb9580c293
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=aa4c0f8f-82b0-4ac3-939c-236fb5788301
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=aa4c0f8f-82b0-4ac3-939c-236fb5788301
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b5d82f98-25b9-48f9-873c-c39fe4f25fc9%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&ttd_puid=b5d82f98-25b9-48f9-873c-c39fe4f25fc9%2C
95 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&ttd_puid=b5d82f98-25b9-48f9-873c-c39fe4f25fc9%2C
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&ttd_puid=b5d82f98-25b9-48f9-873c-c39fe4f25fc9%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
TTD
c.deployads.com/cs/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1
  • https://c.deployads.com/cs/TTD?b=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/TTD?b=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Protocol
H2
Server
44.193.114.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-114-165.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://c.deployads.com/cs/TTD?b=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
169
setuid
ib.adnxs.com/prebid/ Frame 1BD9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e65195ff-3d6a-4cba-8123-dc4bdaae6853
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 1BD9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1d9c0feb-e927-4445-b390-afedf795bc41
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 1BD9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 14 Dec 2021 04:37:00 GMT
Server
MT3 4133 baa842e master iad-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Dec 2021 04:36:59 GMT
RVF22VSl
sync-tm.everesttech.net/ct/upi/pid/ Frame 1BD9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=&_test=YbgfbAALwzJNKwAz
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=&_test=YbgfbAALwzJNKwAz
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1130
x-served-by
cache-yul12823-YUL
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1639456621.898659,VS0,VE0
content-length
85
x-cache-hits
12970

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1639456621.872819,VS0,VE15
x-served-by
cache-yul12823-YUL
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=&_test=YbgfbAALwzJNKwAz
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 1BD9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
25a51e1d-5ca6-4e28-a569-bf5420505c84
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 87D9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5727812e-004c-43ff-b9b9-be324d10bb4d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 87D9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2052c354-d893-4f59-a313-466187b207f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 87D9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 14 Dec 2021 04:37:00 GMT
Server
MT3 4133 baa842e master iad-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=9cd361b8-1f6b-4b00-8261-cada33dbe129&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Dec 2021 04:36:59 GMT
xuid
eb2.3lift.com/ Frame 87D9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=&_test=YbgfbAALz1OhPgBR
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YbgfbAALz1OhPgBR&dongle=3c0a&gdpr=0&gdpr_consent=&_test=YbgfbAALz1OhPgBR
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YbgfbAALz1OhPgBR&dongle=3c0a&gdpr=0&gdpr_consent=&_test=YbgfbAALz1OhPgBR
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1639456621.898751,VS0,VE0
x-served-by
cache-yul12823-YUL
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YbgfbAALz1OhPgBR&dongle=3c0a&gdpr=0&gdpr_consent=&_test=YbgfbAALz1OhPgBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 87D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f8a47848-2236-4a64-9c76-7cdfb78a4dae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 1BD9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
af734e7d-ea0b-46fd-959f-47a36924566e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 1BD9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7ffbbebd-f157-49d1-a087-c24ec2d1057a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 1BD9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9677bc0d-fd6a-4801-8d14-05abe05ee6af
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame B27F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
via
1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
6328
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6bd4bc083ff5ca6f-YUL
x-amz-cf-id
grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires
Thu, 16 Dec 2021 04:37:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 2E2C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
via
1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
6328
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6bd4bc083ff8ca6f-YUL
x-amz-cf-id
grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires
Thu, 16 Dec 2021 04:37:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 87D9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
4f3b4938-c34e-4d96-8172-a37d3c300208
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 87D9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=13728419802808233089
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
3cc5f799-f26a-46fc-bc22-eb9f14c12094
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 87D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bdd2ad8a-c175-4b38-bc2c-598c30f3de35
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2823339881731425086&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 882B 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5f217bee-a392-4fd1-bc17-bc6b7bb37c7a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9808 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a359f09d-8875-49f1-ad91-b9684dda2e9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame A747 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 678.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1403bc4f-f629-4651-92b6-5ba7be2eab30
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame F24D 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:00 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 678.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
99a92875-9624-4e2c-83f7-891ac752a4da
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
buyers
dmx.districtm.io/s/v1/ Frame B27F 		453 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78aa5739633107abcebea3fd27a635dbe53814547118bc999f96a10f9ea46b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bc08681eca6f-YUL
access-control-allow-headers
Origin, Content-Type
buyers
dmx.districtm.io/s/v1/ Frame 2E2C 		567 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7662ba85268f9984fca1f87f7b8b7f1f694e00cb1fbe44874eff870ec8a55813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bc08681fca6f-YUL
access-control-allow-headers
Origin, Content-Type
CtDbcFdbhSFDgOKjlWgS
dmx.districtm.io/s/10027/ Frame B27F
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
  • https://dmx.districtm.io/s/10027/CtDbcFdbhSFDgOKjlWgS?pi=districtm&tc=1
76 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10027/CtDbcFdbhSFDgOKjlWgS?pi=districtm&tc=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f704ffa97b53b40c08c5875d2cc5ae4c22ecb4251c51c9607d4425219fd504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc0988f8ca6f-YUL

Redirect headers

location
https://dmx.districtm.io/s/10027/CtDbcFdbhSFDgOKjlWgS?pi=districtm&tc=1
pragma
no-cache
date
Tue, 14 Dec 2021 04:37:01 GMT, Tue, 14 Dec 2021 04:37:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
y-brLwUG1E2uF6TLPwYyFFMV7.E.jaZZOhJ1z37dY-~A
dmx.districtm.io/s/10057/ Frame B27F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://dmx.districtm.io/s/10057/y-brLwUG1E2uF6TLPwYyFFMV7.E.jaZZOhJ1z37dY-~A
100 B
164 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-brLwUG1E2uF6TLPwYyFFMV7.E.jaZZOhJ1z37dY-~A
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c91b12f6e0a9576b611c6a671f1417b6e3bbae533050894e0fedcaad42df7ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc08f890ca6f-YUL

Redirect headers

location
https://dmx.districtm.io/s/10057/y-brLwUG1E2uF6TLPwYyFFMV7.E.jaZZOhJ1z37dY-~A
date
Tue, 14 Dec 2021 04:37:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
AAB7SU7DcD8AAD5PSBslxw
dmx.districtm.io/s/10025/ Frame B27F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/districtm
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1
  • https://dmx.districtm.io/s/10025/AAB7SU7DcD8AAD5PSBslxw
78 B
132 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10025/AAB7SU7DcD8AAD5PSBslxw
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e0115eebc2a614b4e21afbda6911083218baebb3ebcd17caad9ceef1ffbdfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc09f98bca6f-YUL

Redirect headers

location
https://dmx.districtm.io/s/10025/AAB7SU7DcD8AAD5PSBslxw
Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
y-h9V5uhdE2uFj7ppUXG4bOfTjp56xc8zU~A~UP7ab768d9-5c97-11ec-8252-0253bd5a5729
dmx.districtm.io/s/10051/ Frame B27F
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7ab768d9-5c97-11ec-8252-0253bd5a5729
  • https://dmx.districtm.io/s/10051/y-h9V5uhdE2uFj7ppUXG4bOfTjp56xc8zU~A~UP7ab768d9-5c97-11ec-8252-0253bd5a5729
131 B
174 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-h9V5uhdE2uFj7ppUXG4bOfTjp56xc8zU~A~UP7ab768d9-5c97-11ec-8252-0253bd5a5729
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ede9c944329644bc1b4e680bb85ff421e1a3079c6bde6179bbb0f263ed794e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc09e982ca6f-YUL

Redirect headers

location
https://dmx.districtm.io/s/10051/y-h9V5uhdE2uFj7ppUXG4bOfTjp56xc8zU~A~UP7ab768d9-5c97-11ec-8252-0253bd5a5729
date
Tue, 14 Dec 2021 04:37:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
2810316550491447782
dmx.districtm.io/s/10056/ Frame B27F
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/2810316550491447782
75 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10056/2810316550491447782
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369c0c8ed1a1a5cc29e6fd01d24fb43cf2e3a0d5ef06a1d3025f13407e029570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc08e88bca6f-YUL

Redirect headers

Location
https://dmx.districtm.io/s/10056/2810316550491447782
Date
Tue, 14 Dec 2021 04:37:00 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
6dc4aabf-826c-47c3-b6d7-d56b99bf9d67-61b81f6c-4341
dmx.districtm.io/s/10001/ Frame 2E2C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
  • https://dmx.districtm.io/s/10001/6dc4aabf-826c-47c3-b6d7-d56b99bf9d67-61b81f6c-4341
106 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/6dc4aabf-826c-47c3-b6d7-d56b99bf9d67-61b81f6c-4341
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e524e8b269666256f887927b8be62420e1780b04f90bea82799740666f16c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc0988f9ca6f-YUL

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/6dc4aabf-826c-47c3-b6d7-d56b99bf9d67-61b81f6c-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
AAADKsBrwcH1xANxsMY1AAAAAAA&expiration=1639543020&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&is_secure=true
dmx.us-east-32.districtm.io/s/10007/ Frame 2E2C
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&rurl=//dmx.us-east-32.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=4821a94dd97908e8&is_secure=true&version=1&networkId=33921&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&rurl=%2F%2Fdmx.us-east-32.districtm.io%...
  • https://dmx.us-east-32.districtm.io/s/10007/AAADKsBrwcH1xANxsMY1AAAAAAA&expiration=1639543020&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&is_secure=true
153 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-32.districtm.io/s/10007/AAADKsBrwcH1xANxsMY1AAAAAAA&expiration=1639543020&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&is_secure=true
Protocol
H2
Server
34.75.235.219 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
219.235.75.34.bc.googleusercontent.com
Software
/
Resource Hash
bcf4f1f0d7d7259bb983f48e555a0f1eb38b29d59b0714ec79b754aad7049703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-32.districtm.io/s/10007/AAADKsBrwcH1xANxsMY1AAAAAAA&expiration=1639543020&nuid=22GGgQ7xW5fefvCYHSx9ghdUrd3&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
YbgfbAALz1OhPgBR
dmx.us-east-32.districtm.io/s/10016/ Frame 2E2C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-32.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://dmx.us-east-32.districtm.io/s/10016/YbgfbAALz1OhPgBR
72 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-32.districtm.io/s/10016/YbgfbAALz1OhPgBR
Protocol
H2
Server
34.75.235.219 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
219.235.75.34.bc.googleusercontent.com
Software
/
Resource Hash
1ed2ad645799e2f4bb7e37b151ee1918e80ec79b174f45064afe705a741c62bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
content-length
72
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1639456621.929092,VS0,VE0
x-served-by
cache-yul12823-YUL
x-cache
HIT
location
https://dmx.us-east-32.districtm.io/s/10016/YbgfbAALz1OhPgBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
35ad89d8-ce14-45e9-8171-2164b851acd7
dmx.districtm.io/s/10059/ Frame 2E2C
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/35ad89d8-ce14-45e9-8171-2164b851acd7
92 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/35ad89d8-ce14-45e9-8171-2164b851acd7
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c103809a58d0f6a162baa6f4cb9b3508ffa5007b26f69c9c450683d6af211010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc0ada3bca6f-YUL

Redirect headers

location
https://dmx.districtm.io/s/10059/35ad89d8-ce14-45e9-8171-2164b851acd7
date
Tue, 14 Dec 2021 04:37:01 GMT
content-length
0
tkQ4328DRjdIYHBG6veiWiV4zaY
dmx.districtm.io/s/10026/ Frame 2E2C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/tkQ4328DRjdIYHBG6veiWiV4zaY
83 B
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/tkQ4328DRjdIYHBG6veiWiV4zaY
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d72bc56c79e47c829251301b78ba7af1b9b21b3a2037742b7ee0a74b61bc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 14 Dec 2021 04:37:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6bd4bc09a929ca6f-YUL

Redirect headers

Location
https://dmx.districtm.io/s/10026/tkQ4328DRjdIYHBG6veiWiV4zaY
Date
Tue, 14 Dec 2021 04:37:01 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame AD40
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Dec 2021 04:37:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Date
Tue, 14 Dec 2021 04:37:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
match
cms-xch-chicago.33across.com/ Frame E68E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=30d8b910-c16a-4918-883e-092941626810
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=30d8b910-c16a-4918-883e-092941626810
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=73b9c17e-5785-45e4-8572-595dc76bd133&expires=3&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=30d8b910-c16a-4918-883e-092941626810
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=30d8b910-c16a-4918-883e-092941626810
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=30d8b910-c16a-4918-883e-092941626810
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=30d8b910-c16a-4918-883e-092941626810
date
Tue, 14 Dec 2021 04:37:01 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame E68E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1639456620950.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Dec 2021 04:37:00 GMT
match
cms-xch-chicago.33across.com/ Frame E68E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame E68E
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=64a3e63321508e7&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKa-SkJ8pywN84dbwAAAAAAA&expiration=1639543021&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKa-SkJ8pywN84dbwAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKa-SkJ8pywN84dbwAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKa-SkJ8pywN84dbwAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame E68E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1642048620%26external_user_id%3Dce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame AC40
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Dec 2021 04:37:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Date
Tue, 14 Dec 2021 04:37:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
p-zLwwakwy-hZw3.gif
pixel.quantserve.com/pixel/ Frame B310
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=
0
0
match
cms-xch-chicago.33across.com/ Frame B310
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-zoPcFqdE2uGfKtQSO7N.FIbycCise5wq%7EA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B310
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4e6dc337e06308ea&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKmV4rrq8uQMnQwCHAAAAAAA&expiration=1639543021&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKmV4rrq8uQMnQwCHAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKmV4rrq8uQMnQwCHAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAADKmV4rrq8uQMnQwCHAAAAAAA&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B310
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1642048620%26external_user_id%3Dce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1642048620&external_user_id=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B310
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1639456620949.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=9cd361b8-1f6b-4b00-8261-cada33dbe129
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Dec 2021 04:37:00 GMT
usync.js
eus.rubiconproject.com/ Frame AC40 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c92daa68408017973f1f5ac6abf23adddf7b2f296d8ee036cb931f646c4d748

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:37:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Dec 2021 17:06:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25087
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9505
Expires
Tue, 14 Dec 2021 11:35:08 GMT
usync.js
eus.rubiconproject.com/ Frame AD40 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c92daa68408017973f1f5ac6abf23adddf7b2f296d8ee036cb931f646c4d748

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 04:37:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Dec 2021 17:06:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25087
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9505
Expires
Tue, 14 Dec 2021 11:35:08 GMT
users
dmx.districtm.io/s/v1/ Frame B27F 		0
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bc0aca31ca6f-YUL
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
cf-ray
6bd4bc0a7a4decee-YUL
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
khaos.jpg
token.rubiconproject.com/ Frame AD40 		284 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame AC40 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
f69a50991384d09413b97a37bb74928b
Content-Type
image/jpg
users
dmx.districtm.io/s/v1/ Frame 2E2C 		0
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bd4bc0b8aaeca6f-YUL
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
cf-ray
6bd4bc0b2ab2ecee-YUL
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
match
cms-xch-chicago.33across.com/ Frame AD40
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KX5M552T-Y-ILQ7
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame AC40
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KX5M552T-Y-ILQ7
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:00 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KX5M552T-Y-ILQ7&ts=1639456621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixel
cm.g.doubleclick.net/ Frame AD40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1TTU1MlQtWS1JTFE3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1TTU1MlQtWS1JTFE3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1TTU1MlQtWS1JTFE3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AD40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FyQLi9yuztbnH8jL2C-tHw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3179372288796980115
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3179372288796980115
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif

Redirect headers

date
Tue, 14 Dec 2021 04:37:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3179372288796980115
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame AD40
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd361b8-1f6b-4b00-8261-cada33dbe129&expires=28
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd361b8-1f6b-4b00-8261-cada33dbe129&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif

Redirect headers

Date
Tue, 14 Dec 2021 04:37:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd361b8-1f6b-4b00-8261-cada33dbe129&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Dec 2021 04:37:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AD40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAm0nGodk6o-aRJwPztt4uc&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAm0nGodk6o-aRJwPztt4uc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAm0nGodk6o-aRJwPztt4uc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame AD40 		42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 04:37:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame AD40
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
v1
ads.yahoo.com/cms/ Frame AD40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX5M552T-Y-ILQ7&sigv=1&esig=2~00dd1b329e96012236963217252c366ec53c3d84
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX5M552T-Y-ILQ7&sigv=1&esig=2~00dd1b329e96012236963217252c366ec53c3d84
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 04:37:01 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX5M552T-Y-ILQ7&sigv=1&esig=2~00dd1b329e96012236963217252c366ec53c3d84
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AD40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzRkOWFjYzc2N2E2MmUwMDNhNWE2YTIxZDk4YmYyYTY5YWEwNjdjZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzRkOWFjYzc2N2E2MmUwMDNhNWE2YTIxZDk4YmYyYTY5YWEwNjdjZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 04:37:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzRkOWFjYzc2N2E2MmUwMDNhNWE2YTIxZDk4YmYyYTY5YWEwNjdjZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 882B 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:01 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0975efb8-c6a3-4d11-99e7-bf51c61a90fb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9808 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 04:37:01 GMT
X-Proxy-Origin
37.120.205.166; 37.120.205.166; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0809cd78-5501-4480-868a-029e29220076
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456624283&oz_l=267&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:37:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456624497&oz_l=235&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:37:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/ Frame 77BE 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.43.1/596918/APW_GcUIBNd7I2Tf/postback?to=3&si=38586&pc=75573&di=tinyurl.com&cb=1639456617&md=1&gt=6251999&c1=5563&ti=45686878758139536281&dt=5969181520951367361000&pv=a15dfd95-9409-4070-ba01-535edb391074&ai=8&pp=9374&sr=12&c2=66529&ci=596918&sid=APW_GcUIBNd7I2Tf&oz_sc=8ba7ebc4a966775bad4a68bd&oz_df=1639456624922&oz_l=90&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.43.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.84.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Dec 2021 04:37:04 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery function| fbq function| _fbq object| _gaq object| deployads string| __at_pvid object| googletag boolean| deployads_loaded object| pbjsSortable function| pbjsSortableChunk object| _pbjsGlobals object| confiant object| _gat object| gaGlobal object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages number| _tlTagsPending object| _mNDetails number| lnt_z

116 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQy_LqudsvCgoI4gEQy_LqudsvCgoI5gEQy_LqudsvCgoIhwIQy_LqudsvCgkICRDL8uq52y8KCQgLEMvy6rnbLwoKCIwCEMvy6rnbLwoKCM4BEMvy6rnbLwoKCI4BEMiB67nbLwoKCJECEMiB67nbLwoKCJICEMiB67nbLwoKCJcCEMiB67nbLwoKCJgCEMiB67nbLwoKCJkCEMiB67nbLwoJCDkQyIHrudsvCgkIOhDL8uq52y8KCgibAhDIgeu52y8KCgicAhDIgeu52y8KCQhfEMvy6rnbLwoJCB8QyIHrudsv
tinyurl.com/ Name: __rtgt_sid
Value: kx5m51q2velo16
.tinyurl.com/ Name: __utma
Value: 224967455.195856252.1639456617.1639456617.1639456617.1
.tinyurl.com/ Name: __utmc
Value: 224967455
.tinyurl.com/ Name: __utmz
Value: 224967455.1639456617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tinyurl.com/ Name: __utmt
Value: 1
.tinyurl.com/ Name: __utmb
Value: 224967455.1.10.1639456617
.tinyurl.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InBEa3JTRnlmTlVpbk1sQlwvTytUaDJBPT0iLCJ2YWx1ZSI6InJhazFOSWx3VkNJNytGZjJjTkVBWUg2bElBcGZsNWZqTGFmOHNmVjhoOUNrK3Z0YnpzV0ZnK1gxeUxkM0tLMGh6ZzBWVFB2WVwvWndkdmhYNitsQ3JFWUJwaHluUXpwWVZaMDNlRTg4STZTcFJRaDY1NHhPYmRXSFE3RDVtWTh4RyIsIm1hYyI6Ijg3ODY4OWM0YzQ3ZWRhZTdiYjllODZkZGIyMzA3NzJkOWYxODMwZjkyOTlhYmYzZWNlNGM1MjViM2M3YTkwYjAifQ%3D%3D
.tinyurl.com/ Name: tinyurl_session
Value: eyJpdiI6IkZWc0RVUUNVbkNqSllpdnFaazQzeHc9PSIsInZhbHVlIjoiNWpxVTBEVGRRZFhEc1Y1aHlCemkzMitoN2VQMEx4aVNSdWpHMXZMMlNubW55NlNCcEZPOVBJeW1ESGJRdDE5VXVqdHdoNVNwNCtOU0JGa0F5N1AxWUxTTjE5dTZDYm5NdCtzTkc4TDUwRUlqc1d3XC9MUk90OWtwMVhrYVBBdlNcLyIsIm1hYyI6IjZkNGFiZTY3MDliYTBjNDIzOTlkMmQ4OGRjN2JmYWEyMjY5OTdlZmY3NzRiM2U2MThjYmEyMjRlNWIwZGQ1OTMifQ%3D%3D
.tinyurl.com/ Name: tinyUUID
Value: eyJpdiI6IkFkd0JzQ0FGaHJBVEdRYmMyTjNONVE9PSIsInZhbHVlIjoiZjFoZkZQOEYzNWM5QmhxelB3N243eFNvZGd4QXBjM0ZcL2dPdXhxcGNGQVB2RUFCMm5HZmp4VFdIK2k4VTVBODc4Y1ZqRWt4ZlJmRWlQVW1GVG5VVnhxSXE0YitURjdqMWxreFExalZoWmcwPSIsIm1hYyI6ImUzNjRhNThjYzBmOGIxYjg4NzgyODBjNzA0MzZlZTJlOWI2MTU5NTM0OGM3ZGI0ZGMyNDgxYmM0NGJkZDU2YmEifQ%3D%3D
.tinyurl.com/ Name: _fbp
Value: fb.1.1639456617298.1113995041
.go.sonobi.com/ Name: __uis
Value: aa4c0f8f-82b0-4ac3-939c-236fb5788301
.go.sonobi.com/ Name: _usd_tinyurl.com
Value: 36b113f2-32a0-465d-a811-ab6c10d6fbd5
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s8591|Ybgfb
.facebook.com/ Name: fr
Value: 04RYqTaARoXllYGwN..BhuB9p...1.0.BhuB9p.
.adnxs.com/ Name: uuid2
Value: 2823339881731425086
.yahoo.com/ Name: A3
Value: d=AQABBGkfuGECEA__UK5rYBPWOG1V661HivgFEgEBAQFwuWHCYQAAAAAA_eMAAA&S=AQAAAqGPOdpKZGdu0cAgSkQy6Lc
.yieldmo.com/ Name: yieldmo_id
Value: gbfe508f13b9bc67fb7f%7C1639456617667%7C2899091328406795935%7C
.deployads.com/ Name: d7s_uid
Value: r438tligysop
.adnxs.com/ Name: icu
Value: ChgI2OU6EAoYASABKAEw6b7gjQY4AUABSAEKGAjD-zsQChgBIAEoATDpvuCNBjgBQAFIARDpvuCNBhgB
.doubleclick.net/ Name: IDE
Value: AHWqTUlSlEuPvzBRUofihF1DryD5WcMofql7DyjIuz4deHZrsbCUNWEw4eqDM8DiPQg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tinyurl.com/ Name: __gads
Value: ID=853d0dfd0c985da6-22b970ef717b00ad:T=1639456618:S=ALNI_MaqytOZbRIgbyZpbZDhs2dEkh5k7g
.bing.com/ Name: MUID
Value: 14E6D99D3E7A6C2F22E0C8903F416D75
.media.net/ Name: visitor-id
Value: 2824582187395889000V10
.3lift.com/ Name: tluid
Value: 13728419802808233089
.criteo.com/ Name: uid
Value: 2d94122b-0a30-49de-8be6-cd19db962651
.adsrvr.org/ Name: TDID
Value: ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
.zemanta.com/ Name: zuid
Value: b9_GHIvsEWnZZvHyr0TL
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrIwNDA2NDM1NTCxNDQxMTe3MBLiM9Q19y9NzCnN9ErPdjUFACR8a3wlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrIwNDA2NDM1NTCxNDQxMTe3MBLiM9Q19y9NzCnN9ErPdjWV4jU0M7Y0MTUzM7SwNLYAAI-Y5bQ0AAAA
.bidswitch.net/ Name: c
Value: 1639456618
.bidswitch.net/ Name: tuuid
Value: 30d8b910-c16a-4918-883e-092941626810
.w55c.net/ Name: wfivefivec
Value: HyyWwnso1MWZyG5
.mfadsrvr.com/ Name: c
Value: 1639456618
.media.net/ Name: data-rk
Value: 2809753601077611738~~10
.mfadsrvr.com/ Name: tuuid
Value: c849be77-01bc-4b1e-a5f3-2bf64838915c
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-g
Value: CAESEHbRAXHJdKqOejBhoJlXPIo~~10
.media.net/ Name: data-c-ts
Value: 1639456619
.bidswitch.net/ Name: tuuid_lu
Value: 1639456619
.mfadsrvr.com/ Name: tuuid_lu
Value: 1639456619
.mfadsrvr.com/ Name: ssh
Value: !medianet,1639456619
.media.net/ Name: data-c
Value: 2d94122b-0a30-49de-8be6-cd19db962651~~1
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-ttd
Value: ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab~~1
.media.net/ Name: data-mf
Value: c849be77-01bc-4b1e-a5f3-2bf64838915c~~1
.media.net/ Name: data-xu
Value: HyyWwnso1MWZyG5~~10
.linkedin.com/ Name: li_sugr
Value: f8b0f785-c85b-4864-98fd-2c1a38609d56
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8cadcd3e-4467-45e9-85b4-88d52214ac16"
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2428:u=1:x=1:i=1639456619:t=1639543019:v=2:sig=AQFc8TgiwCx3fvD9jSd6_K48WFBAT9CL"
event.clientgear.com/ Name: mkuuid
Value: mkd45977f2-fade-4cc6-bcfc-dc65549e2b04
.mathtag.com/ Name: uuid
Value: 9cd361b8-1f6b-4b00-8261-cada33dbe129
.admixer.net/ Name: am-uid
Value: ad9139607a884a04b5496166466b29c8
.media.net/ Name: data-co
Value: AAADKmV4rrq8UgMKwPs3AAAAAAA~~10
.amazon-adsystem.com/ Name: ad-id
Value: A86Do7TPGUoOtGV4QTOvUkk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.media.net/ Name: data-so
Value: aa4c0f8f-82b0-4ac3-939c-236fb5788301~~10
.media.net/ Name: data-ze
Value: b9_GHIvsEWnZZvHyr0TL~~10
.media.net/ Name: data-bs
Value: 30d8b910-c16a-4918-883e-092941626810~~1
.turn.com/ Name: uid
Value: 8281881531481159323
.adsymptotic.com/ Name: U
Value: f323cce023f312260dcef8a19761fb67
.media.net/ Name: data-amb
Value: 8209823937443231387~~10
.contextweb.com/ Name: V
Value: xmn300wy4v3U
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 092efeca3ecc09d0
.lkqd.net/ Name: sr615
Value: 1||1639456620
.lkqd.net/ Name: lkqdid
Value: 647Ii69N2vA
.lkqd.net/ Name: lkqdidts
Value: 1639456620
.33across.com/ Name: 33x_ps
Value: u%3D117388823271442%3As1%3D1639456620824%3Ats%3D1639456620824
c.deployads.com/ Name: d7s_dc
Value: 44NXSTCBKiqwpyM4tYA4VRZNjy-NtUjkt9E2uECDC8FAbnSc43jLRmi7ZPCjxeB6qE-~AA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1b0n|88S.0.1|4is.0.CAESEMtwG6dYEuTDFUS62_qMnMY
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YbgfbAALz1OhPgBR
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2E?`ry)1W!]tbP6j2F-.aDQ<BAfhMe9i2qfQTrFidekDdWJ'3ka#!Z?[/l9$NJui%v4VB%noo<(fXNy
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxMzcyODQxOTgwMjgwODIzMzA4OSIsImV4cGlyZXMiOiIyMDIyLTAzLTE0VDA0OjM3OjAwWiJ9fSwiYmlydGhkYXkiOiIyMDIxLTEyLTE0VDA0OjM3OjAwWiJ9
.bfmio.com/ Name: __106_cid
Value: ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
.bfmio.com/ Name: __io_cid
Value: ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
.tynt.com/ Name: uid
Value: NLG4TmG4H2z1J/5ABqIRBw==
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAGsS5DU0M7Y0MTUzMzKwNDZZJYrENzexBADHSYsMIAAAAA
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1639456620949%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1639456620949%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1639456620949%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1639456620949%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1639456620949%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1639456620949%7D%5D
.sitescout.com/ Name: ssi
Value: 6dc4aabf-826c-47c3-b6d7-d56b99bf9d67#1639456620986
.creativecdn.com/ Name: u
Value: CtDbcFdbhSFDgOKjlWgS
.creativecdn.com/ Name: ts
Value: 1639456620
.sitescout.com/ Name: _ssuma
Value: e30
.advertising.com/ Name: APID
Value: UP7ab768d9-5c97-11ec-8252-0253bd5a5729
.go.sonobi.com/ Name: __uin_zt
Value: 2810316550491447782
.go.sonobi.com/ Name: __uin_td
Value: ce4b65da-35ba-4eda-ade8-b4b4d7bda1ab
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b64438df-6f03-4637-4860-7046eaf7a25a.Ffj7NB%2FNro8WM%2FnRG1WBlzm12YPE6jpqA7vIWiaNmUk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-b64438df-6f03-4637-4860-7046eaf7a25a%24ip%2437.120.205.166.pv5RNV492bbOgbBFVR8VMFRwc%2FTW63Z1CrJk92Gvg0o
.go.sonobi.com/ Name: __uin_mm
Value: 9cd361b8-1f6b-4b00-8261-cada33dbe129
.dotomi.com/ Name: DotomiTest
Value: 64a3e63321508e7
.analytics.yahoo.com/ Name: IDSYNC
Value: "18xa~222s:192v~222s:191l~222s:190u~222s:18ym~222s"
.yahoo.com/ Name: APID
Value: UP7ab768d9-5c97-11ec-8252-0253bd5a5729
.yahoo.com/ Name: APIDTS
Value: 1639456621
.bidr.io/ Name: bito
Value: AAB7SU7DcD8AAD5PSBslxw
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1639456621100
.tapad.com/ Name: TapAd_DID
Value: b5d82f98-25b9-48f9-873c-c39fe4f25fc9
.go.sonobi.com/ Name: __uin_bw
Value: 30d8b910-c16a-4918-883e-092941626810
.pswec.com/ Name: tuuid
Value: 73b9c17e-5785-45e4-8572-595dc76bd133
.pswec.com/ Name: c
Value: 1639456621
.pswec.com/ Name: tuuid_lu
Value: 1639456621
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8356
.sharethrough.com/ Name: stx_user_id
Value: 35ad89d8-ce14-45e9-8171-2164b851acd7
.rubiconproject.com/ Name: khaos
Value: KX5M552T-Y-ILQ7
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JLQTdJR0d6SXlSMGRuVVRkNFZ6Vm1aV1oyUTFsSVUzZzVaMmhrVlhKa003b0dOd2lSVGhJeU5tUmpOR0ZoWW1ZdE9ESTJZeTAwTjJNekxXSTJaRGN0WkRVMllqazVZbVk1WkRZM0xUWXhZamd4WmpaakxUUXpOREc2QmlBSWwwNFNHMEZCUVVSTGMwSnlkMk5JTVhoQlRuaHpUVmt4UVVGQlFVRkJRYm9HRlFpZ1RoSVFXV0puWm1KQlFVeDZNVTlvVUdkQ1Vyb0dHd2lwVGhJV1FVRkNOMU5WTjBSalJEaEJRVVExVUZOQ2MyeDRkN29HSUFpcVRoSWJkR3RSTkRNeU9FUlNhbVJKV1VoQ1J6WjJaV2xYYVZZMGVtRlp1Z1laQ0t0T0VoUkRkRVJpWTBaa1ltaFRSa1JuVDB0cWJGZG5VN29HQXdpdVRyb0dBd2l3VHJvR1VBakRUaEpMZVMxb09WWTFkV2hrUlRKMVJtbzNjSEJWV0VjMFlrOW1WR3B3TlRaNFl6aDZWWDVCZmxWUU4yRmlOelk0WkRrdE5XTTVOeTB4TVdWakxUZ3lOVEl0TURJMU0ySmtOV0UxTnpJNXVnWVlDTWhPRWhNeU9ERXdNekUyTlRVd05Ea3hORFEzTnpneXVnWXhDTWxPRWl4NUxXSnlUSGRWUnpGRk1uVkdObFJNVUhkWmVVWkdUVlkzTGtVdWFtRmFXazlvU2pGNk16ZGtXUzErUWJvR0tRakxUaElrTXpWaFpEZzVaRGd0WTJVeE5DMDBOV1U1TFRneE56RXRNakUyTkdJNE5URmhZMlEzIiwiaWF0IjoxNjM5NDU2NjIxfQ.cMuIQg3KdKT4h1piAAlOyDkhPm0JYk_8Baj4OCOqwX3fR_5qVfZIIKBOoE4K_rElNyePjRwHnDAT1TgtXeUA0g
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwisjdX0rLGfOhAFEhYKB3J1Ymljb24SCwi255f3rLGfOhAFGAEgAigCMgsIrIXYocOxnzoQBTgBWgV0YXBhZGAC
.mathtag.com/ Name: mt_mop
Value: 9:1639456621
.rlcdn.com/ Name: rlas3
Value: DXfbXFXIIrPpsAOP/QTNDpjOsxzQ0BIIEOS/ZCvFKy4=
.rlcdn.com/ Name: pxrc
Value: CAA=
.rubiconproject.com/ Name: audit
Value: 1|jt2W1SGDIPFC3I+HTm4hr2H4FQ6u68OsJw/W98vb0WmXzu0U2rFvUGE9wD/NhB4MouMu1nFSUGbLv0ZnN1+t0Vm3DUAyuHnL

1 Console Messages

Source Level URL
Text
network error URL: https://tinyurl.com/2p9bpte
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
8b925794b9774990ad8695b1aff26239.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.us.criteo.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
ajax.googleapis.com
apex.go.sonobi.com
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.bing.com
c.deployads.com
c21lg-d.media.net
c2shb.ssp.yahoo.com
cat.va.us.criteo.com
cdn.adnxs.com
cdn.districtm.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
cs.lkqd.net
cs.media.net
csm.us.criteo.net
de.tynt.com
dis.criteo.com
districtm-match.dotomi.com
dmx.districtm.io
dmx.us-east-32.districtm.io
e.deployads.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hblg.media.net
hbx.media.net
i.clean.gg
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
img.3lift.com
inv-nets.admixer.net
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
medianet-match.dotomi.com
nym1-ib.adnxs.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pix.us.criteo.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
protected-by.clarium.io
px.ads.linkedin.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rtb.mfadsrvr.com
rtb.va.us.criteo.com
s.amazon-adsystem.com
s.update.3lift.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.bfmio.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
t.pswec.com
tags-cdn.deployads.com
tinyurl.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us.creativecdn.com
warp.media.net
www.bing.com
www.facebook.com
www.google.com
www.googletagservices.com
x.bidswitch.net
pixel.quantserve.com
104.105.42.146
104.16.190.66
104.18.99.194
104.76.104.25
107.178.246.49
13.225.63.71
130.211.23.194
142.250.65.162
142.250.65.198
142.250.81.226
146.20.128.142
151.101.1.108
151.101.129.108
151.101.129.194
151.101.65.108
151.101.66.49
178.162.133.149
18.205.165.43
18.206.84.172
18.214.233.191
185.184.10.30
198.148.27.139
199.38.167.129
2001:4998:14:800::1001
204.62.13.72
207.198.113.179
209.54.180.3
23.209.184.224
23.50.53.184
23.50.53.187
23.52.167.93
23.64.109.237
2600:1f18:4e9:5a05:915b:1f70:c370:1ea5
2606:4700:10::ac43:1e1
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2606:4700::6810:5714
2606:ae80:1471:16::730
2607:f8b0:4006:809::2001
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::200a
2607:f8b0:4006:822::2003
2607:f8b0:4023:1404::9a
2620:100:a001::12
2620:100:a001::3
2620:100:a001::4
2620:112:f000:bbbb::11
2620:1ec:21::14
2620:1ec:c11::200
2a02:2638:1::13
2a03:2880:f041:11:face:b00c:0:3
2a03:2880:f141:82:face:b00c:0:25de
3.230.217.116
34.117.239.71
34.149.20.76
34.198.25.129
34.200.159.147
34.232.192.29
34.75.235.219
34.95.69.49
35.190.60.146
35.207.24.140
35.211.178.172
35.71.131.137
44.193.114.165
47.252.78.131
52.200.139.202
52.203.189.165
52.206.10.65
52.223.22.214
54.175.87.114
54.208.200.8
54.227.68.116
54.230.162.104
54.230.162.99
54.236.221.120
54.87.192.123
64.202.112.127
67.202.105.22
67.202.105.34
68.67.160.76
68.67.161.207
68.67.179.77
69.166.1.14
69.173.151.100
74.119.119.137
74.119.119.147
74.119.119.149
74.119.119.150
74.121.140.14
96.6.25.130
00b81a154830d78f11aa45546f0ce07749a38d2199d7e3815c7d9dc4bc1f5353
06ff8e8502c4531f0df93b854f4dfce4acf1137edb18f03febc6b0847767bd4a
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08cc328b694c445da6f0cced97731c877ff03d25b9ca67e39d39c818025a596c
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c92daa68408017973f1f5ac6abf23adddf7b2f296d8ee036cb931f646c4d748
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
10bb8ee6f560be2c751aed2db445c130f3e199a19607ebe96317d9c275576ae3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1226641b7e74bcc11c47a179476679c8789e3e4249b13df4d2e3dea936a99577
1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd
1c70969c8a19381bc98aaa3b2746e8f78fd58a7119e984f48565ace8e3c5da1b
1ed2ad645799e2f4bb7e37b151ee1918e80ec79b174f45064afe705a741c62bd
23ebed6d9518b1cd0d2d4bb3963b2ff7263c0cd2e0df67d35966f12402aebd67
24f164db30f201dfea047e885e44e77a310f64af80264642cddf21c22c395e5c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d84597c3be8cabb61a4fc814e6605619120387ea51597cf5ff2a87534748230
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
32d72bc56c79e47c829251301b78ba7af1b9b21b3a2037742b7ee0a74b61bc26
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
340ed74a140bf0c63db9fe62625c5cd6bf3e975267c76848cd79346a58f8b765
369c0c8ed1a1a5cc29e6fd01d24fb43cf2e3a0d5ef06a1d3025f13407e029570
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38258a3aa023ee5b5f45a8c149fd28449112dc4bf60411d2c88a4a6e33506df4
3b662fdcfa0c1a3cf8a437afc84b6da596b0e62b1b83d165bfeb8ed84edd5763
3b8193e57e668cfc2d8d149b432ca8fc4a332ee72768e391f98428b28547f32d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f76726654621b5bf25797f3a07641473a2f723bbcfe6b0984107539b1f8b9a0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5
46e524e8b269666256f887927b8be62420e1780b04f90bea82799740666f16c8
48a2f9e03268ec5515b6dec975fd251e0f3c847f84a5c7701a57caf71749cfd4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54f6b72272a78eb9a9e3eed800fbef12e6f6e8fcc03c85d9b6a514f76c9d6f43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ede9c944329644bc1b4e680bb85ff421e1a3079c6bde6179bbb0f263ed794e
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5f254506005dc76cbc62d7a71c339f6737903e448723871001b258be9eb84806
5fbd195fb6d9f8e94530a0d720b4a96dda93a7c870e77c62796651298ffd2f3c
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68348f524765cdaf0475c57524c43f0d3d86ac5599bf6a28458dda7b6c660d99
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
708471b7d237ae286f8678b918d7e55b670129f2521b63bd3015731c061a5a12
70aa2e2a8bfbeb45f6a98effbb358f92caf98025cdf02999c647990d73dfa874
74f870848dbd279273e0f1861ad686d70ae3a66ae2d14a021232165b5ce1751c
7662ba85268f9984fca1f87f7b8b7f1f694e00cb1fbe44874eff870ec8a55813
77515ec281dd97534008974c2b90d521af01e71443d7152b35958ba6a6e8fd95
77f704ffa97b53b40c08c5875d2cc5ae4c22ecb4251c51c9607d4425219fd504
783d4caae522bffcdf7bfd26133e7a6cfe0fdfd80ceb4383b4965d890ee8e13f
78aa5739633107abcebea3fd27a635dbe53814547118bc999f96a10f9ea46b6d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7d88f7b011edf23ea600a3b84d729ba901ccf8bd56bb2e0f0cafb750acb54d8a
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6
821ddb26aff6e6c2aae4f281c940049e595eddc2b59b4365af43202c3b89feca
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84228c9af7c7e395f2bda0f50c45c07a9c8518dbbf70975fbcbc6fb664c494c4
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
952037785d1342d7faac845b1f220e9e5ee5a4c099ff102d7ab17e08ddba3744
988207883de26010f5512c0b5676a5011a31c0035b4b261c40b2ff33853fc7af
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a333e6cb6496ccdca039086923e7bb4e91b290a0190ca6409e9a6bc4fc53cfd8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4df902d31e9f68e6626da4c71fba02045124d36cd33d50056bb4ee32058cdce
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8cba0a196d49f8d22dd25f99b3c2fd4a112a52f1f93f38dc603212c9ed87629
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac73208a253e42dc0e65f91e6187aa72477631812980ab92f8c33157473d87f0
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acef084c3bf3279537e37a0b2c70b716a4a13473cd833e5f1441d267ca6e3c78
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b6bf683c3353cd4c9a4438264a516735f547e5862448a63cb96bcc903a0d208c
b87e9a11d9cbf38748c319752759e71aa4403286c8048b88bc54b13b65f51f0a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf4f1f0d7d7259bb983f48e555a0f1eb38b29d59b0714ec79b754aad7049703
bfa12779f481d024004ac40f96aa837e671f2b6362ca6b3b84f6edf061825e98
c103809a58d0f6a162baa6f4cb9b3508ffa5007b26f69c9c450683d6af211010
c127b3654b7bb187418990565c90c0a5e4d72a1631fcd939034554a9c9ba03db
c3c5ffd5f1a641425acfe6de49c1872c05ec856e13eee106bb9ff4af3fd169c3
c4ebf821dd2d851e8c89b99cc4d5fe1b30886fa456ca456c766ce5220a760101
c645c534749e351800f77559d8d9024693b0366ada340d181e60b25fafa12c30
c6abf16524d8ebec8ab23192860cb6b002e32edf88f9cfb7d2e193ae5409e492
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c91b12f6e0a9576b611c6a671f1417b6e3bbae533050894e0fedcaad42df7ad5
caf5009593135b7e5343a9f82903459157182d18ccb783cf1fbc9b974174e544
cce0c1c1da1615f73cf249167fa2e48323a3a878cf13ba02fccf44bd39c30923
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d089504a91c483597451d9533059303d2e2b3d7c1734ca86e64dabbb89f262e9
d40505bbecfb1628aaa64394172289b13174757d413d482d60d64dbc1cc9a684
d409a8a519092e2d01699a2dcda3c106838f363c869ffbf53fd93274d666a955
d6e0115eebc2a614b4e21afbda6911083218baebb3ebcd17caad9ceef1ffbdfe
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dedb0f39d7396d6806599c5863f2c07e523085647fbf8aa1dfff9a8fb634d489
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e176986510cb15d7e4f78bdf71c4b5c4a48bf3d91c8f702675f346fd537aa1e3
e38927747d03909acc985a8285747cfa66d950cd24118d56ba00c21e815467d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e4948b1c3a94ac88fd3ba09f9a6248673496cc5c082a626a62f9786e2ed971
f3cb7ee8a0a33dcd24cef6503369585ef73550890a1b44f525b85ae599defcc9
f3dbcf15816270164a42ac8047f860c48c18a7d110e8790ac26a43ddedc84c37
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914