urlscan.io logo urlscan.io
SecurityTrails logo

tinyurl.com Open in urlscan Pro
2606:4700:10::6814:8b41  Public Scan

Go To Rescan Add Verdict Report
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Submission: On February 18 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 3 countries across 51 domains to perform 229 HTTP transactions. The main IP is 2606:4700:10::6814:8b41, located in United States and belongs to CLOUDFLARENET, US. The main domain is tinyurl.com. The Cisco Umbrella rank of the primary domain is 17283.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.
This is the only time tinyurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.107 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2607:f8b0:402... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
9 18.214.233.191 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 151.101.129.194 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 142.251.40.194 15169 (GOOGLE)
1 142.251.40.198 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 130.211.23.194 15169 (GOOGLE)
2 34.149.20.76 15169 (GOOGLE)
6 34.235.17.126 14618 (AMAZON-AES)
1 54.89.44.121 14618 (AMAZON-AES)
4 34.236.83.94 14618 (AMAZON-AES)
1 34.232.21.36 14618 (AMAZON-AES)
4 2602:803:c002... 26667 (RUBICONPR...)
1 6 68.67.179.133 29990 (ASN-APPNEX)
13 104.16.190.66 13335 (CLOUDFLAR...)
1 69.166.1.14 27630 (AS-XFERNET)
23 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
24 2607:f8b0:400... 15169 (GOOGLE)
3 7 2607:f8b0:400... 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
3 151.101.65.108 54113 (FASTLY)
12 68.67.179.155 29990 (ASN-APPNEX)
10 2607:f8b0:400... 15169 (GOOGLE)
3 3.218.215.219 14618 (AMAZON-AES)
7 12 142.251.40.226 15169 (GOOGLE)
1 2 52.70.253.5 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
3 5 23.216.84.240 16625 (AKAMAI-AS)
13 13 67.202.105.24 32748 (STEADFAST)
2 4 67.202.105.31 32748 (STEADFAST)
6 104.77.247.148 16625 (AKAMAI-AS)
2 9 35.71.139.29 16509 (AMAZON-02)
2 151.101.1.108 54113 (FASTLY)
12 12 35.211.178.172 15169 (GOOGLE)
2 2 54.81.207.173 14618 (AMAZON-AES)
4 4 103.229.206.240 30419 (MEDIAMATH...)
1 5 69.166.1.10 27630 (AS-XFERNET)
2 2 151.101.130.49 54113 (FASTLY)
2 2 198.148.27.140 19189 (PULSEPOINT)
2 2 216.152.140.200 13768 (COGECO-PEER1)
2 2 52.0.156.250 14618 (AMAZON-AES)
4 5 107.178.246.49 15169 (GOOGLE)
2 2 199.38.167.129 54312 (ROCKETFUEL)
9 9 35.71.131.137 16509 (AMAZON-02)
1 2 68.67.181.207 29990 (ASN-APPNEX)
1 1 34.102.163.6 15169 (GOOGLE)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.98.194 13335 (CLOUDFLAR...)
2 2 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 209.54.180.3 16509 (AMAZON-02)
1 1 204.62.13.72 46636 (NATCOWEB)
2 2 70.42.32.95 22075 (AS-OUTBRAIN)
1 1 173.223.56.123 16625 (AKAMAI-AS)
2 2 3.233.68.37 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 34.237.108.132 14618 (AMAZON-AES)
3 3 54.175.87.114 14618 (AMAZON-AES)
4 8.43.72.97 26667 (RUBICONPR...)
4 4 8.43.72.98 26667 (RUBICONPR...)
1 2001:4998:14:... 14777 (YAHOO)
1 35.190.60.146 15169 (GOOGLE)
2 2 23.208.46.198 16625 (AKAMAI-AS)
2 2 47.252.78.131 45102 (CNNIC-ALI...)
2 2 54.159.196.118 14618 (AMAZON-AES)
11 34.117.239.71 15169 (GOOGLE)
4 4 2606:ae80:145... 25751 (VALUECLICK)
1 1 69.173.151.100 26667 (RUBICONPR...)
229 52
5    2606:4700:10::6814:8b41 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    2607:f8b0:4006:81f::200a (Queens, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.85.61.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-107.ewr53.r.cloudfront.net
tags-cdn.deployads.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    18.214.233.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-233-191.compute-1.amazonaws.com
e.deployads.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
10    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.251.40.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
6    34.235.17.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-17-126.compute-1.amazonaws.com
c.deployads.com
1    54.89.44.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-44-121.compute-1.amazonaws.com
tlx.3lift.com
4    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
1    34.232.21.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-21-36.compute-1.amazonaws.com
ads.yieldmo.com
4    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    68.67.179.133 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
13    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
23    2607:f8b0:4006:817::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
pagead2.googlesyndication.com
1    2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
tpc.googlesyndication.com
7    2607:f8b0:4006:822::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
20    2607:f8b0:4006:81f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
12    68.67.179.155 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
10    2607:f8b0:4006:824::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    3.218.215.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-215-219.compute-1.amazonaws.com
protected-by.clarium.io
12    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
2    52.70.253.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-253-5.compute-1.amazonaws.com
scotiabank.demdex.net
1    2607:f8b0:4006:806::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    23.216.84.240 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-84-240.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
13    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
6    104.77.247.148 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-247-148.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    216.152.140.200 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
5    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
9    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    68.67.181.207 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    2600:1f18:4e9:5a05:e85f:acb7:52bc:8c40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.233.68.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-68-37.compute-1.amazonaws.com
match.prod.bidr.io
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    34.237.108.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-108-132.compute-1.amazonaws.com
pixel.advertising.com
3    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
1    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
2    23.208.46.198 (Philadelphia, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-46-198.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    54.159.196.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-196-118.compute-1.amazonaws.com
cms-xch.33across.com
11    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
4    2606:ae80:1451:14::1080 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
262 KB
45 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
ad.doubleclick.net — Cisco Umbrella Rank: 167
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
336 KB
28 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1312
ssc-cms.33across.com — Cisco Umbrella Rank: 760
cms-xch.33across.com — Cisco Umbrella Rank: 2652
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1338
10 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
cdn.adnxs.com — Cisco Umbrella Rank: 1304
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1243
acdn.adnxs.com — Cisco Umbrella Rank: 547
secure.adnxs.com — Cisco Umbrella Rank: 350
148 KB
21 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
eus.rubiconproject.com — Cisco Umbrella Rank: 512
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
token.rubiconproject.com — Cisco Umbrella Rank: 593
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
42 KB
16 deployads.com
tags-cdn.deployads.com — Cisco Umbrella Rank: 11146
e.deployads.com — Cisco Umbrella Rank: 8261
c.deployads.com — Cisco Umbrella Rank: 2473
149 KB
13 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1164
cdn.districtm.io — Cisco Umbrella Rank: 1644
5 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
7 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
353 KB
10 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
ads.yahoo.com — Cisco Umbrella Rank: 835
4 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 532
eb2.3lift.com — Cisco Umbrella Rank: 356
10 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
5 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1414
sync.go.sonobi.com — Cisco Umbrella Rank: 811
6 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
2 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
4 KB
5 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 17283
25 KB
4 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 2416
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
3 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1078
5 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
1 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1750
1003 B
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2604
531 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
674 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
990 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
860 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
552 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
1 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 891
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
585 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
1 KB
2 demdex.net
scotiabank.demdex.net — Cisco Umbrella Rank: 54564
2 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1485
70 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 993
api.btloader.com — Cisco Umbrella Rank: 1201
9 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
499 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 548
449 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 946
606 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 447
1014 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2092
586 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 212
667 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
250 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
15 KB
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12901
792 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 633
352 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1221
937 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
34 KB
229 51
Domain Requested by
22 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
googleads.g.doubleclick.net
22 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
tinyurl.com
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
20 googleads.g.doubleclick.net tinyurl.com
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 ssc-cms.33across.com 13 redirects
12 x.bidswitch.net 12 redirects
12 nym1-ib.adnxs.com tinyurl.com
cdn.adnxs.com
11 cms-xch-chicago.33across.com de.tynt.com
eus.rubiconproject.com
11 dmx.districtm.io tinyurl.com
cdn.districtm.io
10 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
eb2.3lift.com
10 www.googletagservices.com securepubads.g.doubleclick.net
tinyurl.com
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 securepubads.g.doubleclick.net tags-cdn.deployads.com
securepubads.g.doubleclick.net
tinyurl.com
www.googletagservices.com
9 match.adsrvr.org 9 redirects
9 eb2.3lift.com 2 redirects tinyurl.com
eb2.3lift.com
9 e.deployads.com tags-cdn.deployads.com
7 www.google.com 3 redirects tpc.googlesyndication.com
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 eus.rubiconproject.com tinyurl.com
eus.rubiconproject.com
de.tynt.com
6 ib.adnxs.com 1 redirects tinyurl.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 c.deployads.com tinyurl.com
5 pixel.tapad.com 4 redirects
5 sync.go.sonobi.com 1 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 tinyurl.com tinyurl.com
ajax.googleapis.com
4 33across-match.dotomi.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com
4 sync.mathtag.com 4 redirects
4 de.tynt.com 2 redirects tinyurl.com
4 fastlane.rubiconproject.com tinyurl.com
4 c2shb.ssp.yahoo.com tinyurl.com
3 ups.analytics.yahoo.com 3 redirects
3 px.ads.linkedin.com 2 redirects
3 protected-by.clarium.io tinyurl.com
3 cdn.adnxs.com tinyurl.com
2 cms-xch.33across.com 2 redirects
2 event.clientgear.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 pixel.advertising.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 b1sync.zemanta.com 2 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 secure.adnxs.com 1 redirects acdn.adnxs.com
2 p.rfihub.com 2 redirects
2 loadm.exelator.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 acdn.adnxs.com tinyurl.com
2 cdn.districtm.io tinyurl.com
cdn.districtm.io
2 scotiabank.demdex.net 1 redirects ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ssc.33across.com tinyurl.com
2 confiant-integrations.global.ssl.fastly.net tags-cdn.deployads.com
confiant-integrations.global.ssl.fastly.net
2 www.facebook.com tinyurl.com
2 stats.g.doubleclick.net tinyurl.com
2 connect.facebook.net tinyurl.com
connect.facebook.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 id.rlcdn.com
1 ads.yahoo.com
1 ums.acuityplatform.com 1 redirects
1 stags.bluekai.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 c.bing.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 s0.2mdn.net ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 apex.go.sonobi.com tinyurl.com
1 ads.yieldmo.com tinyurl.com
1 tlx.3lift.com tinyurl.com
1 api.btloader.com btloader.com
1 ad-delivery.net tinyurl.com
1 ad.doubleclick.net tinyurl.com
1 cdn.jsdelivr.net tinyurl.com
1 btloader.com tags-cdn.deployads.com
1 tags-cdn.deployads.com tinyurl.com
1 ajax.googleapis.com tinyurl.com
229 80

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.deployads.com
Amazon		 2021-06-03 -
2022-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-28 -
2022-02-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2021-12-25 -
2022-03-25		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.yieldmo.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh

This page contains 28 frames:

Primary Page: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Frame ID: E89039317F8A42A29B44926F86D550FF
Requests: 66 HTTP requests in this frame

Frame: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 652703687EB55E85DEBD2BC1B181162C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBC09E96998D0AC6E2B79AE4426DE2E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EF761313F9A9AE75327EC42FB24A860
Requests: 2 HTTP requests in this frame

Frame: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 956E7B1B9A4AF64E71D4FF4027946BF1
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrDjgTi5Ql9EPl6JSibXjTIZpXSlISfC9jEsEe-mA6GNydVhvkEwOzHCkAN0zA_-wDXseU6penLvuZs3vOqKNTNpROg0yEZLhMhh1qtFDgwRACzY-E3t4pqdi_zQgdsgS3hhNNdYr-_HlvueQ4iEFZeBHyOkY8NdpqtXmKLG3sUHWmZCTn175sUIISnCThCE4UUPV-Tjp7UmezVKmQkQ7ZBJNuWH98QHbqGIQugcZwa-CKP2w_whPG684CORXl9jp-iw6uQQ5iMbxOE9yOuhcxiHM2g3sShb7hXJc4nmrXRc0EXX3iCmoz0yaft7G-HeI&sai=AMfl-YS3WaWXccV0uVmzLeOP4S-DBc7exel0tnOQzV-x5gs3_dVGjB6kl-IC6CKEkzbpkI8i237NUIif8vI5wpezCzyWC7QCPFi4xr3-BkUyZBqYQeqEOnkyqzCKwmH9ljYv&sig=Cg0ArKJSzMf8a0yFh7VfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 943A6B1C47A92DBAF113C6EFB74CFF77
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 58316F53D1374FCE75617770595CF529
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCTwEchnp8EF17kM8ez6gjKby53CB4b2aCLQtJFEGTGRK0qcHpYur_usHzyEbIAO_kuhegNZO95DmzYgkB958xdTN4qxdN-HCZlKRbDroVubJDhJxsAXzqTkRKohA9MDLS5vAoZvEIGS1xxKbXraCK6vO1SYCjckDVuCnS2Z01Inu5TRgd0DHffznvaejHt0mB2_8tzNhV7O6r3w4KqwPHs-eNDdrXadyl5sSRTzmj8Zg7yZw3H2ImDgHueTxpLkM9hWnI1hppJ_x5uyxkdnFRGkV1nTSNrFGKv-ivxDCAu37hA0UFOMRn5ImvYV-xJA&sai=AMfl-YSGHFUtci5PEjjtYNwXALSZXTSDksSHuRCzJBG4gSaRgN2V2OhwHJVaBsqgDKpvV5ejgabjC2NGl6MiRceUzU4tKwwoGxqlQPZhXnj4MOzU11W0k_RkUbSd951_3s85&sig=Cg0ArKJSzHg3FPeZorMqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D54B2C1F0CF13CBBA4D8E14578306437
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: E7DC4E5EC0D9C6DE7F46DB0FBBF4AB2A
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoRXE3Yd2kN7WzAkMjkYTA8GAZygJXGomrw6T8clsvSE2ZXXH5Ydw8MvfjOx1q1qOymDuMm4_QJN4pUuhXsg3jFWJ8BE-WazRzDaZ_4EtOlu4uL5pDJnr6RVOFUeZCuj1xSenxY34poT7nCivbLUbWMDRBk7WCt6YgydmGudJ7tbcSuq-bCsJAu3lRZ_2UTB_K__J59EvzkWjtTls10LntWLJlA1_ApntNaO9c_1lzN3a44lKgNDksMzDF7J84KzYDjSdurzQlqzcbUhrijMASrGLKykvwXn7A5Sp6ciMKptF2FKZMvmNXHl1Sx8R_3KQ&sai=AMfl-YQ8yv92217PQ0Kxonf-loXK4QluKRtaaxwPx4iWwF7i_5K3YelpT16pKGqGQRx3xMTFJIMWfWORS0_4CoxGuAYSe895PFWNAs4BY5u8K_W0kbcBIVEoH28Or3he83e-&sig=Cg0ArKJSzJNnwjffHoa6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BF42370ECF9613A82DA7B8A903AD8408
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 4ADB8C8D3DB6473E9315F195BD9A59C6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYYkb6mrwEwAQ&v=APEucNX2xIZ4Ot4P85--JPC8x1HO1lwDWKCaKcfTyiTrybJk2c7LY0gA3nyHh1Lu814DG-qvnvNKapHaf-MdQ5mMHZdnLlUCaA
Frame ID: 26F8ED890304F6C804EF95E8B1454810
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9C8AD63BF35F27A41600814CDC01B83
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FAE41A426C3420F510B56698697C1E56
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B3EC35338EBCC760300B9E96473D999
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CE366C8DA3E49C52DAED629E1A2EEDB2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: ADE81BE6044BD12E707CC4CE45B8FF96
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: 9E3E07AB71E77EB13ACC8E42AC7BC673
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: 4AA0ED136C78D894E30CE7718E5CA5B1
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 6DF252B220203D84FB86F914091FE3CE
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D936950A9E72DF3C31029BA34C85EDAD
Requests: 10 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: F77EBEA7DE7C84CF5DCC729FD5F65EAA
Requests: 10 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 00C53E7DBDD234633F1946E0909B46A3
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 331402F135985D36E3AFDE4A4AE34375
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B65CE60083CEB804E1A4650EF19211AE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 1B01AF3A3A47AF708C19BEC7BE6BCB51
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: E5EBEEEC9850D2627C203AEB91F12ED6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: E4FAF4358580230CD7F78EB8A4467DE8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TinyURL.com - shorten that long URL into a tiny URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

229
Requests

79 %
HTTPS

28 %
IPv6

51
Domains

80
Subdomains

52
IPs

3
Countries

1591 kB
Transfer

4463 kB
Size

94
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678 HTTP 302
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&C=1
Request Chain 111
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yg-zSdbYZixVT.ynXBxe7AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&google_hm=2
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAXKYCoLjEuldbgISwQ-mVU&google_cver=1
Request Chain 113
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDcyMTk1MjU0OTY3NDQ1OQ%3D%3D
Request Chain 151
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 152
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 155
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 171
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 174
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 175
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 178
  • https://x.bidswitch.net/sync?ssp=sortable HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sortable HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=sortable HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=eEVHIluHThxsXVdVZQYL5pU4mb0&user_group=1&ssp=sortable HTTP 302
  • https://c.deployads.com/cs/bswt?b=60e45fac-182d-4332-b0c1-f2271f9e3456&i=
Request Chain 179
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8835620f-f34c-4400-a069-18b4d3d11fc1
Request Chain 180
  • https://sync-tm.everesttech.net/upi/pid/1508?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FADBE%3Fb%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1508?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FADBE%3Fb%3D%24%7BTM_USER_ID%7D&_test=Yg-zSwAHNUMN8QBB HTTP 302
  • https://c.deployads.com/cs/ADBE?b=Yg-zSwAHNUMN8QBB&_test=Yg-zSwAHNUMN8QBB
Request Chain 181
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=a19e455b-960d-4166-a6a3-8887ea03ef60&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U0V2SXByLXRUY3U0VTV4dUF0R0g0QQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEM7K4g8gAVv3AevxCtDxsXM&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tDbKIUdS4Hpk
Request Chain 182
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456&google_hm=NjBlNDVmYWMtMTgyZC00MzMyLWIwYzEtZjIyNzFmOWUzNDU2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKD3Dvs9HYhAoc0VrT8EYm4&google_cver=1&ssp=sonobi&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60e45fac-182d-4332-b0c1-f2271f9e3456
Request Chain 183
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341%26partner_url%3Dhttps%253A%252F%252Fc.deployads.com%252Fcs%252Fcent%253Fb%253D00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341%26partner_url%3Dhttps%253A%252F%252Fc.deployads.com%252Fcs%252Fcent%253Fb%253D00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://c.deployads.com/cs/cent?b=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&gdpr=0&gdpr_consent=
Request Chain 184
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777311224324447
Request Chain 185
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1 HTTP 302
  • https://c.deployads.com/cs/TTD?b=0bf79414-7880-4cb1-93df-0406355863c9
Request Chain 186
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0bf79414-7880-4cb1-93df-0406355863c9&pubid=fb9580c293 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=a19e455b-960d-4166-a6a3-8887ea03ef60 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=a19e455b-960d-4166-a6a3-8887ea03ef60 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d1a02403-6be1-4453-a777-88e1dae30259%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0bf79414-7880-4cb1-93df-0406355863c9&ttd_puid=d1a02403-6be1-4453-a777-88e1dae30259%2C
Request Chain 187
  • https://secure.adnxs.com/getuid?https://c.deployads.com/cs/XNDR?b=$UID HTTP 302
  • https://c.deployads.com/cs/XNDR?b=5770721952549674459
Request Chain 192
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0bf79414-7880-4cb1-93df-0406355863c9&dongle=0cfd
Request Chain 193
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=k6B4LnqfM&dongle=u6nf
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOgpXAKm3-Dc0Ukic8Zl3w0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 195
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxODExODcyODkwNDI4ODIzNjcyNA%3D%3D
Request Chain 196
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1018118728904288236724&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1018118728904288236724&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7286ae5c-9483-4917-a7d3-70d9eee48614&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7286ae5c-9483-4917-a7d3-70d9eee48614&_noobservation=1&_expected_cookie=341f16a00debda7a147a5e669cd4f162
Request Chain 197
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1018118728904288236724?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YG8a_nNE2oTmP8nAQLRITdP2q1otMGLKCPlu41Ddrg--~A&dongle=0883
Request Chain 199
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1018118728904288236724 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1018118728904288236724&dcc=t
Request Chain 200
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1018118728904288236724&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D60e45fac-182d-4332-b0c1-f2271f9e3456%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ee833199d26e4c6f984db7c195eb1fe3&ssp=triplelift&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=60e45fac-182d-4332-b0c1-f2271f9e3456&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 201
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=yjwO1x5qEbtKmIpVpQ2t&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PFVHOTZRPA2XCRLCORFW2SLQKZYFCMTU&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PFVHOTZRPA2XCRLCORFW2SLQKZYFCMTU HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=yjwO1x5qEbtKmIpVpQ2t
Request Chain 203
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/1783777311224324447
Request Chain 204
  • https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
  • https://dmx.districtm.io/s/10025/AAGsOk7EH-cAAHW5BcdV8w
Request Chain 205
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/648294877380
Request Chain 206
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe9096352-90f0-11ec-8ce9-0a76a3100851 HTTP 302
  • https://dmx.districtm.io/s/10051/y-K44DmY5E2uH_DBYGaOq.HsosXjIU.MoJ~A~UPe9096352-90f0-11ec-8ce9-0a76a3100851
Request Chain 207
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/UgxfkWRdRCFch7TLE_NauZU4mb0
Request Chain 208
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0bf79414-7880-4cb1-93df-0406355863c9&gdpr=0&gdpr_consent=&expires=30
Request Chain 209
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZST1CDE-17-D84V
Request Chain 210
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZST1CDE-17-D84V&sigv=1&esig=2~3bbabe52e59a49fd42fac54e1e856f706462501a
Request Chain 212
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yIOfAMlHJbaT8tjsSH8Essn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=621242019481267589
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKL1X9_XAw7UYE5HPcnClXQ&google_cver=1
Request Chain 214
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c811620f-f34c-4200-83aa-d8c5a5813305
Request Chain 215
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNhM2I1OWU4Y2M1OTVmNTJhYzRkNDViYTc4Yjk0MzAzMzNmMjEyZg
Request Chain 216
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 217
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk4986a24f-382f-4b09-b124-f42635b8174d&expires=7&user_group=5&ssp=the33across&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
Request Chain 218
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1645212491764.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=1c14620f-f34c-4800-908d-521f1ce926dd
Request Chain 219
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 220
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=3ac31522212d1206&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZ_SSUcmI7QNtl2IkAAAAAAA&expiration=1645298891&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZ_SSUcmI7QNtl2IkAAAAAAA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 221
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647804491%26external_user_id%3D0bf79414-7880-4cb1-93df-0406355863c9 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
Request Chain 222
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mka3576dfb-be38-4e47-9d17-ab0d38caa520&expires=7&user_group=5&ssp=the33across&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
Request Chain 224
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 225
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=82e2ee746821205&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZuO5H_-D3wMr80G0AAAAAAA&expiration=1645298891&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZuO5H_-D3wMr80G0AAAAAAA&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 226
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647804491%26external_user_id%3D0bf79414-7880-4cb1-93df-0406355863c9 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
Request Chain 227
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1645212491786.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=6315620f-f34c-4100-ac95-afbb794738cd
Request Chain 230
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KZST1CDE-17-D84V HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KZST1CDE-17-D84V HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZST1CDE-17-D84V&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

229 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
tinyurl.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
acef084c3bf3279537e37a0b2c70b716a4a13473cd833e5f1441d267ca6e3c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.26
cache-control
must-revalidate, no-cache, no-store, private
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6df9a81c0d3d4bca-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
legacy.css
tinyurl.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/css/legacy.css
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8cba0a196d49f8d22dd25f99b3c2fd4a112a52f1f93f38dc603212c9ed87629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 13:08:11 GMT
server
cloudflare
age
4582
etag
W/"1675019833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a81ddff94bca-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 08:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Feb 2023 08:50:33 GMT
tinyurl_logo.png
tinyurl.com/siteresources/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinyurl.com/siteresources/images/tinyurl_logo.png
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbd195fb6d9f8e94530a0d720b4a96dda93a7c870e77c62796651298ffd2f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:51:14 GMT
server
cloudflare
age
4581
etag
"3894936796"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6df9a81dff1d7148-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20029
tinyurl.com.js
tags-cdn.deployads.com/a/ 		467 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-cdn.deployads.com/a/tinyurl.com.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-107.ewr53.r.cloudfront.net
Software
awselb/2.0 /
Resource Hash
797350085864995eed89bec557819b77991a49df0d0e63d2ffcfacea3fed775e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
public
Date
Fri, 18 Feb 2022 19:28:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Feb 2022 19:28:07 GMT
Server
awselb/2.0
X-Amz-Cf-Pop
EWR53-P1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Via
1.1 8282f128b49d2396c0a763ec7449f11e.cloudfront.net (CloudFront)
Cache-Control
max-age=1800,public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
j-I8aNSt0fZ_DcI8ccNTU0ccAhDeu54qmsEYjjLYUyGEAHoRM10zkA==
Expires
Fri, 18 Feb 2022 19:58:07 GMT
common.js
tinyurl.com/siteresources/js/ 		188 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/siteresources/js/common.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f6b72272a78eb9a9e3eed800fbef12e6f6e8fcc03c85d9b6a514f76c9d6f43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:51:14 GMT
server
cloudflare
age
4581
etag
W/"740393190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a81e78127148-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
xDoa9c9ZkVbA5oAnadJgkxJuuPmcmRYsnPSD2P8vyoXR5h0VF8zCMv1DW9fVV9Lg1u8CLNj64/eFq+gYouLW1Q==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 18 Feb 2022 19:28:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2629
date
Fri, 18 Feb 2022 18:44:18 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 18 Feb 2022 20:44:18 GMT
common
tinyurl.com/dyn/ 		43 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tinyurl.com/dyn/common
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
340ed74a140bf0c63db9fe62625c5cd6bf3e975267c76848cd79346a58f8b765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
en
content-type
application/json
cache-control
max-age=0, private
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a81eb8667148-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
196261077476671
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/196261077476671?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6c80a80ce4ce38dc9bb6ac62195c393b62d1de6ffb106a2579b19061c8a6c27
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89650
x-xss-protection
0
pragma
public
x-fb-debug
z9KmMGdoalqUvm9WjVaYJXU0VTX3qrQCSDm+vaE5QOjdywRhri/QnLJxGBYPszpKjOQ/ScQqqtcFi9dTXKCC/Q==
x-frame-options
DENY
date
Fri, 18 Feb 2022 19:28:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1054661851&utmhn=tinyurl.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&utmhid=1622316058&utmr=-&utmp=%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&utmht=1645212487561&utmac=UA-6779119-1&utmcc=__utma%3D224967455.1624275069.1645212488.1645212488.1645212488.1%3B%2B__utmz%3D224967455.1645212488.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=864742003&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Feb 2022 19:28:07 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=196261077476671&ev=PageView&dl=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&rl=&if=false&ts=1645212487606&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645212487604.1714099226&it=1645212487505&coo=false&rqm=GET
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 18 Feb 2022 19:28:07 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:07 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
tag
btloader.com/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5733520474374144&upapi=true
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357d9b24729cf78b695745abb87e9a2144d8ce819cc3299170630e953e290de8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray
6df9a82018d74bd1-YUL
date
Fri, 18 Feb 2022 19:28:07 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16568
etag
W/"26a3fba659199f557df8d335dc771a07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSavLs6YEPZEEgXR6c1NWGBkUq1ZGqcTRpnyX%2FXc9uEErYgQ7ZfsLLGAoNUEfXpRUY8mK13LTExvBuCSqNNEjrjdi96h4WaaaNk5f3qL2IkJ1iw0S6i4KdC5SwvcWO42g4BOtorFqKwTcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
content-encoding
br
config.js
confiant-integrations.global.ssl.fastly.net/63PnFF5pyWGBQmDdBBe7mHE722M/gpt_and_prebid/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/63PnFF5pyWGBQmDdBBe7mHE722M/gpt_and_prebid/config.js
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ebf94d374976c3f405d9adb06a4f4df3cf78cdf0041f7ac8c021e6f4f055870

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:07 GMT
Content-Encoding
gzip
Age
433
X-Cache
HIT
Connection
keep-alive
Content-Length
11258
x-amz-id-2
ytljpVtY2qc7AM3DO69/gSFHRDqyXJiVQ3V5COJ0XbKQvdvcbbosRGaie+EYP/VgcoyaUlUNgkk=
X-Served-By
cache-yul12826-YUL
Last-Modified
Fri, 18 Feb 2022 19:14:05 GMT
Server
AmazonS3
X-Timer
S1645212488.713673,VS0,VE0
ETag
"9cd5f5e1864a9931b9f5469ab1d6fc8e"
x-amz-request-id
HQ24Y3FH5SE2SFF0
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
71
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220218
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ebd895fabbfa36b6a9fcb814836406fc9ab6b78031961579b43a28a831fa30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16025
x-jsd-version
1.0.1256
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19123-FRA, cache-yyz4557-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-J0B9sJEDreWOU2GcOuqcOJcgd08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6df9a8203cb6ca47-YUL
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
sffe /
Resource Hash
2b52069108538f85e5383cb62ea31d9bb0f1812685fc6d2cf7a364d885530fd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27561
x-xss-protection
0
server
sffe
etag
"1136 / 411 of 1000 / last-modified: 1645185935"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Feb 2022 19:28:07 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 05:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Feb 2022 05:22:11 GMT
px.gif
ad-delivery.net/ 		43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6857997640922615
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 18 Feb 2022 19:28:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
851739
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0H43Yhzd7BqJIkjXznybGQ32YkPI2ElJb4zqnzXc4mmhYOtLaEmfnXJRZH1X30SHzejruR3%2FXcnikrsEmpsMK1E1%2FM%2FcpUUI2DTIVy8Zax17eFh15IKw1B9vbNv5R930ivIKc3jadztBTWDuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6df9a820da044bd1-YUL
expires
Tue, 08 Feb 2022 23:49:00 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/ 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/63PnFF5pyWGBQmDdBBe7mHE722M/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:07 GMT
Content-Encoding
gzip
Age
1
X-Cache
HIT
Connection
keep-alive
Content-Length
59645
x-amz-id-2
XFZvSHn3reQ2oGBVXsZPqf1rg7Ip8O6fLUvA1kRYfHkDLrph4IYbMXEKSLbptKnhhMe5/XFy4uw=
X-Served-By
cache-yul12826-YUL
Last-Modified
Thu, 17 Feb 2022 18:21:30 GMT
Server
AmazonS3
X-Timer
S1645212488.730341,VS0,VE0
ETag
"724754dd331b2038d7b614ac5d8a9900"
x-amz-request-id
C6WEYS2355VJS95G
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
5
pubads_impl_2022021602.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
sffe /
Resource Hash
a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 20:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124238
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 02:36:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Feb 2023 20:14:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		539 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
b87e9a11d9cbf38748c319752759e71aa4403286c8048b88bc54b13b65f51f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
expires
Fri, 18 Feb 2022 19:28:07 GMT
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=iUxD72WfX&w=5764937749102592&o=5733520474374144&cv=2.0.2-3-gcd67958&r=false&pageURL=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5733520474374144&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:07 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:07 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
hb
ssc.33across.com/api/v1/ 		117 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d9HhYeaj8r6QaoaKkGJozW
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e9eddbb587d76472e15be5454499b8e95b60ac475c8b3f8f45010ba806f4f25e

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		117 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bggfyaakar6PmwaKlId8sQ
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
29cc5eadea13ad0eb2071f8c8592ab2d0db4ec72d9ddeadc0e8daa9a4e6e10aa

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
auction
c.deployads.com/openrtb2/ 		500 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.6.0&host=tinyurl.com
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
7ac24339c6e8d9a395ba70fa3fb96e98ba312b882fabd204438592181beaf717

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:08 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
500
expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
tlx.3lift.com/header/ 		16 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.6.0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&tmax=2100
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.44.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-44-121.compute-1.amazonaws.com
Software
/
Resource Hash
89640defe6150bf8371e31a662ecb9c56546c50b55ec3feab7152976489dd4fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
6049
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72295140073&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ff50f1713a9c6e1d689024430f12c414a0c36c443525ced3b9b0f994aba0bc25

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0c985e1006cfef7d361a2fb2f0e5e699e9455ca9f7d8e2143ba8c7e51e518f40

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969105017575db4f32e72422f001ee&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
24af05d80b79f6c40d29c93f245aa39c13a8e128910cfc5c31d75b30b8b1adfe

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ef0175754ff4a155ad8bf9005a&pos=8a969d5d017575e55082e72637ca0076&cmd=bid&secure=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
53619d17a1256e6b16ba90f198e162e8f36fb6ac37545798440e0b073fd44d62

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
content-length
62
prebid
ads.yieldmo.com/exchange/ 		0
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.6.0&p=%5B%7B%22placement_id%22%3A%22%2F1966186%2C34718310%2FPub_tinyurl.com_160x600_2_Sortable_Left_Sidebar_0%22%2C%22callback_id%22%3A%2222af4d4ae4ac09%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222352983247081644305%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&bust=1645212488000&pr=&scrd=1&dnt=false&description=TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.21.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-21-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tinyurl.com
pragma
no-cache
date
Fri, 18 Feb 2022 19:28:08 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13218&site_id=405388&zone_id=2271976&size_id=9&rp_schain=1.0,1!sortable.com,795,1,,,&rf=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&tg_i.pbadslot=1966186%2C34718310%2FPub_tinyurl.com_160x600_2_Sortable_Left_Sidebar_0&tk_flint=pbjs_lite_v5.6.0&x_source.tid=d3a009ac-81e8-41a4-a44f-65ba5e69abad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06564872647085584
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6e2ab2bf5a3a1ed693701e5df5a66d57ddd70ee5f7738961cf8d711b3f6d9f48

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
323
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		321 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13218&site_id=405388&zone_id=2271976&size_id=2&rp_schain=1.0,1!sortable.com,795,1,,,&rf=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&tg_i.pbadslot=1966186%2C34718310%2FPub_tinyurl.com_728x90_2_Sortable_Leaderboard_0&tk_flint=pbjs_lite_v5.6.0&x_source.tid=5f18201f-8725-4f09-9574-a45b11644674&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0767783791923684
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8bb5dc328dc0f0a8d3dca7c3c86926f957c162bcebd998ae2a24bd05d6fa1cc7

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
321
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		319 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13218&site_id=405388&zone_id=2271976&size_id=15&rp_schain=1.0,1!sortable.com,795,1,,,&rf=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&tg_i.pbadslot=1966186%2C34718310%2FPub_tinyurl.com_300x250_Sortable_Right_Sidebar_0&tk_flint=pbjs_lite_v5.6.0&x_source.tid=2435d8e0-07d9-4083-b2cd-e0b4846bb554&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2711258260558549
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
631946c6ebd6c9862f602972c10f42177103f3a42d54773b91d6619ba071d9b2

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		315 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13218&site_id=405388&zone_id=2271976&size_id=2&rp_schain=1.0,1!sortable.com,795,1,,,&rf=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&tg_i.pbadslot=1966186%2C34718310%2FPub_tinyurl.com_728x90_7_desktop_anchor_0&tk_flint=pbjs_lite_v5.6.0&x_source.tid=8e295393-5a7c-4b27-9bfc-5fee81e81375&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04117040162452801
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f7fd454c63383ac2c47a3473a4ba903f837d60c3121511ff9703c6b3ae7ba502

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:08 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
315
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		42 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
55cb4c47a4eb4fc89f608e6317d1b67cdb5f00cb33018a6128d0a725ed4160f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Feb 2022 19:28:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
30fa3712-6838-430b-a61c-ebd2460295a1
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://tinyurl.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a822aa3c53e3-YYZ
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ 		67 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0bc12838af940d4edf501f71e490a1e35265950ee980492c754634dfda1e13b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Feb 2022 19:28:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
619f964c-9078-4628-b307-fb49015d4a62
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		883 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22398ab262672953c%22%3A%22ad559ed82e9f14739f52%7C160x600%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_160x600_2_Sortable_Left_Sidebar_0%22%2C%22404ecc109c3d478%22%3A%22ad559ed82e9f14739f52%7C728x90%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_728x90_2_Sortable_Leaderboard_0%22%2C%224141c32d0b7a7bb%22%3A%22ad559ed82e9f14739f52%7C300x250%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_300x250_Sortable_Right_Sidebar_0%22%2C%2242c4e98197cd772%22%3A%22ad559ed82e9f14739f52%7C728x90%7Cgpid%3D%2F1966186%2C34718310%2FPub_tinyurl.com_728x90_7_desktop_anchor_0%22%7D&ref=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&s=25d82e37-5674-4d00-9d48-51fb191b124d&pv=a895de20-a340-4c68-8697-f761e69d79bf&vp=desktop&lib_name=prebid&lib_v=5.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sortable.com%22%2C%22sid%22%3A%22795%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e50f091ebfbb401cfe5a1d5385778aaa9b48be57b5cf41dda456fc2b0f8168a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-70
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
524
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tinyurl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		72 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2120409136008640&correlator=3944426073570689&output=ldjh&impl=fifs&eid=31064988%2C21064365%2C31064868&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=1966186%3A34718310%2CPub_tinyurl.com_160x600_2%2CPub_tinyurl.com_728x90_2%2CPub_tinyurl.com_300x250%2CPub_tinyurl.com_728x90_7&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=160x600%2C728x90%2C300x250%2C728x90&prev_scp=st%3D8%26sdbg%3D7%26s%3D0%26u%3D2yt%26br%3Dm%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.07%26hb_adid%3D44220ff0e7323d5%26hb_bidder%3Dappnexus%26uf%3D51i%7Cst%3D8%26sdbg%3D7%26s%3D0%26u%3D2w2%26br%3Dm%2Cp%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.48%26hb_adid%3D4902cdcaa7fe877%26hb_bidder%3DdistrictmDMX%26uf%3D63l%7Cst%3D8%26sdbg%3D7%26s%3D0%26u%3D2rw%26br%3Dm%2Cp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.64%26hb_adid%3D5077c8574fddd56%26hb_bidder%3DdistrictmDMX%26uf%3D5su%7Cst%3D1%2C8%26sdbg%3D7%26s%3D0%26u%3D9l5%26br%3Dm%2Cp%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.65%26hb_adid%3D51de96d95726fc4%26hb_bidder%3DdistrictmDMX%26uf%3D39s&cust_params=scv%3D2%26wrapper%3DV2&cookie_enabled=1&bc=31&abxe=1&dt=1645212488488&lmt=1645212488&dlt=1645212487304&idt=605&frm=20&biw=1600&bih=1200&oid=2&adxs=3%2C170%2C1280%2C0&adys=357%2C123%2C243%2C1355&adks=3373584571%2C236599969%2C1415490781%2C3563311070&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&vis=1&scr_x=0&scr_y=0&psz=170x839%7C1430x96%7C325x639%7C728x90&msz=170x600%7C1430x90%7C300x250%7C728x90&ga_vid=1624275069.1645212488&ga_sid=1645212488&ga_hid=1622316058&ga_fc=true&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
acad53e31ad29451802f07483a1d1c585e48a786604ec977850b4a9c47c3ee01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17099
x-xss-protection
0
google-lineitem-id
-1,5740385913,5740385241,5740386360
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138349458999,138349458966,138349459032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tinyurl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021602&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2826d39c65d62b5a37769b103a057c95f9dfe8ae48582b5f688e1b7239158708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9796
x-xss-protection
0
container.html
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6527 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Feb 2022 19:28:08 GMT
expires
Sat, 18 Feb 2023 19:28:08 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:08 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBC0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Feb 2022 10:05:22 GMT
expires
Sat, 18 Feb 2023 10:05:22 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
33766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3EF7 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3636afe87be3a60594c39bac8b85382bfd7a79c030c9d48e6a062694ce7e74b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dpn0dNUOBU+8wemjNcsGkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Feb 2022 19:28:08 GMT
date
Fri, 18 Feb 2022 19:28:08 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-dpn0dNUOBU+8wemjNcsGkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame FBC0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 07:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:34:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3EF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021602&jk=2120409136008640&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
container.html
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 956E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Feb 2022 19:28:08 GMT
expires
Sat, 18 Feb 2023 19:28:08 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 943A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrDjgTi5Ql9EPl6JSibXjTIZpXSlISfC9jEsEe-mA6GNydVhvkEwOzHCkAN0zA_-wDXseU6penLvuZs3vOqKNTNpROg0yEZLhMhh1qtFDgwRACzY-E3t4pqdi_zQgdsgS3hhNNdYr-_HlvueQ4iEFZeBHyOkY8NdpqtXmKLG3sUHWmZCTn175sUIISnCThCE4UUPV-Tjp7UmezVKmQkQ7ZBJNuWH98QHbqGIQugcZwa-CKP2w_whPG684CORXl9jp-iw6uQQ5iMbxOE9yOuhcxiHM2g3sShb7hXJc4nmrXRc0EXX3iCmoz0yaft7G-HeI&sai=AMfl-YS3WaWXccV0uVmzLeOP4S-DBc7exel0tnOQzV-x5gs3_dVGjB6kl-IC6CKEkzbpkI8i237NUIif8vI5wpezCzyWC7QCPFi4xr3-BkUyZBqYQeqEOnkyqzCKwmH9ljYv&sig=Cg0ArKJSzMf8a0yFh7VfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Feb 2022 19:28:08 GMT
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame 5831 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4980
x-xss-protection
0
date
Fri, 18 Feb 2022 08:30:29 GMT
expires
Sat, 19 Feb 2022 08:30:29 GMT
cache-control
public, max-age=86400
age
39459
etag
12223946614886178233
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 943A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe0a348ab1514f7e456a57a4c604299afedb144ac35409803a4277423de868a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1366
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5311
x-xss-protection
0
server
cafe
etag
13703302848655719195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 20:05:22 GMT
trk.js
cdn.adnxs.com/v/s/223/ Frame 943A 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/223/trk.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:08 GMT
Content-Encoding
gzip
Age
202251
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29208
X-Served-By
cache-lga13621-LGA, cache-yul12833-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Wed, 16 Feb 2022 11:17:05 GMT
Server
AkamaiNetStorage
X-Timer
S1645212489.934478,VS0,VE0
ETag
"c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 16 Feb 2023 11:17:17 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 325142
it
nym1-ib.adnxs.com/ Frame 943A 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftinyurl.com%252Fmrczpmvu__%253B%2521%2521Iww4%25212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%2524&e=wqT_3QLiBuhiAwAAAwDWAAUBCMjmv5AGEKiEqaiB3pe6YxgAKjYJYU87_DWZ9T8RlXYPdcSu8j8ZAAAAgD0KEkAhlQ0SACkRJAAxCRuw7z8ww_LOBTj0DkDlHkhlUKeiyyVY6ahLYABozZIOeOjmAoABAYoBA1VTRJIBAQb03gKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDIy2AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLURPeTlvak1VM09LRVpZV2JvMlYyck9iZlNTMURvY1RXXzB6YnU3aWNVMmtJNjhMRjQ2RTlMNkZxdk5YM3hGSWlYVXFUZ3dIMklIUWFIR0gtY2lEOUtQUGNVX1dBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzcxNjY0NTcyOTIyOTE0NTc1NzYiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgD1rMv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAS7r9EdyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBduwoqiUluDKH8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8IABAAGAAgADAAOLQEQADIB-jmAtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=963957afbeadf138f61cffe74efc15658bcdd78f
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:08 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
eba2a522-5924-4b24-947d-b240f9526fc9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 943A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Bvfff8cDS8bemOZtAhUm8q75qWzEhpF6TptrRtBk0XYN-lft9iAWK24lCUhV4AyeRVc0nuVkx7kSglRpLghgKB-4BWYA
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 943A 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D54B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCTwEchnp8EF17kM8ez6gjKby53CB4b2aCLQtJFEGTGRK0qcHpYur_usHzyEbIAO_kuhegNZO95DmzYgkB958xdTN4qxdN-HCZlKRbDroVubJDhJxsAXzqTkRKohA9MDLS5vAoZvEIGS1xxKbXraCK6vO1SYCjckDVuCnS2Z01Inu5TRgd0DHffznvaejHt0mB2_8tzNhV7O6r3w4KqwPHs-eNDdrXadyl5sSRTzmj8Zg7yZw3H2ImDgHueTxpLkM9hWnI1hppJ_x5uyxkdnFRGkV1nTSNrFGKv-ivxDCAu37hA0UFOMRn5ImvYV-xJA&sai=AMfl-YSGHFUtci5PEjjtYNwXALSZXTSDksSHuRCzJBG4gSaRgN2V2OhwHJVaBsqgDKpvV5ejgabjC2NGl6MiRceUzU4tKwwoGxqlQPZhXnj4MOzU11W0k_RkUbSd951_3s85&sig=Cg0ArKJSzHg3FPeZorMqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Feb 2022 19:28:08 GMT
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame E7DC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4980
x-xss-protection
0
date
Fri, 18 Feb 2022 08:30:29 GMT
expires
Sat, 19 Feb 2022 08:30:29 GMT
cache-control
public, max-age=86400
age
39459
etag
12223946614886178233
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame D54B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe0a348ab1514f7e456a57a4c604299afedb144ac35409803a4277423de868a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1366
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5311
x-xss-protection
0
server
cafe
etag
13703302848655719195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 20:05:22 GMT
trk.js
cdn.adnxs.com/v/s/223/ Frame D54B 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/223/trk.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:08 GMT
Content-Encoding
gzip
Age
202251
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29208
X-Served-By
cache-lga13621-LGA, cache-yul12834-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Wed, 16 Feb 2022 11:17:05 GMT
Server
AkamaiNetStorage
X-Timer
S1645212489.947199,VS0,VE0
ETag
"c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 16 Feb 2023 11:17:17 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 326209
it
nym1-ib.adnxs.com/ Frame D54B 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftinyurl.com%252Fmrczpmvu__%253B%2521%2521Iww4%25212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%2524&e=wqT_3QLjBuhjAwAAAwDWAAUBCMjmv5AGEM3n59S65vu-CxgAKjYJAwmKH2Pu4j8RWwpI-x9g4D8ZAAAAgOvRIkAhWw0SACkRJMgxAAAAoHA9-j8wwPLOBTj0DkDlHkhlUKGf6SRY6ahLYABozZIOeOjmAoABAYoBA1VTRJIFBvRuApgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDE52AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-kBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLURLV0l4VXFkYnBFazVWM1BqX3BrdmhRekthY2p3UmtTVnUzY19uMW1RdDBJOURYQldFTmoteUp0YjBJbkJmcW9IRHFBM3I1SWpBS2ZLb0ZOZlJOb1dnVnAzRlVnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjgyODA4MDkxMTY5MDYyNTk5NyIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2APWsy_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAShr9EdyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBevb1pL2gpChDcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAATgNAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8BWEwYACAAMAA4tARAAMgH6OYC0gcNCQ1GBUcI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=5bbde2cc40dd86521007ea8442b777b2cab14f1b
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:08 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ac9a5328-3738-4bd1-a244-f76834fa55e3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D54B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DipQA2A59Tpj8cOF4QVgMnODhoAcDURaKZJvPV0p9zthgxVGz5YovOp19PqUFCoWhLjh423CYoVJUafow7zziJihEErQ
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D54B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
pixel
protected-by.clarium.io/ Frame 943A 		68 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NjNQbkZGNXB5V0dCUW1EZEJCZTdtSEU3MjJNL2Rpc3RyaWN0bURNWDo3Mjh4OTA=&v=5&s=v31fs74sl62&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ5MDJjZGNhYTdmZTg3NyIsImNwbSI6MS40ODI4LCJzIjoiLzE5NjYxODYsMzQ3MTgzMTAvUHViX3Rpbnl1cmwuY29tXzcyOHg5MF8yX1NvcnRhYmxlX0xlYWRlcmJvYXJkXzAiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmRpc3RyaWN0bURNWDs3ODgyNzgxNSJ9&sb=undefined&cb=9286921&h=tinyurl.com&d=eyJ3aCI6Ik5qTlFia1pHTlhCNVYwZENVVzFFWkVKQ1pUZHRTRVUzTWpKTkwyUnBjM1J5YVdOMGJVUk5XRG8zTWpoNE9UQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJkaXN0cmljdG1ETVgiXSwiaGJfc2l6ZSI6WyI3Mjh4OTAiXX19LCJ3ciI6MH0=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.215.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-215-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
Server
nginx
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
protected-by.clarium.io/ Frame D54B 		68 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NjNQbkZGNXB5V0dCUW1EZEJCZTdtSEU3MjJNL2Rpc3RyaWN0bURNWDozMDB4MjUw&v=5&s=v31fs74sl6l&id=eyJwcmViaWQiOnsiYWRJZCI6IjUwNzdjODU3NGZkZGQ1NiIsImNwbSI6MC42NDk5LCJzIjoiLzE5NjYxODYsMzQ3MTgzMTAvUHViX3Rpbnl1cmwuY29tXzMwMHgyNTBfU29ydGFibGVfUmlnaHRfU2lkZWJhcl8wIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjpkaXN0cmljdG1ETVg7NzcyMjE3OTMifQ%3D%3D&sb=undefined&cb=9876333&h=tinyurl.com&d=eyJ3aCI6Ik5qTlFia1pHTlhCNVYwZENVVzFFWkVKQ1pUZHRTRVUzTWpKTkwyUnBjM1J5YVdOMGJVUk5XRG96TURCNE1qVXciLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJkaXN0cmljdG1ETVgiXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.215.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-215-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
Server
nginx
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BF42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoRXE3Yd2kN7WzAkMjkYTA8GAZygJXGomrw6T8clsvSE2ZXXH5Ydw8MvfjOx1q1qOymDuMm4_QJN4pUuhXsg3jFWJ8BE-WazRzDaZ_4EtOlu4uL5pDJnr6RVOFUeZCuj1xSenxY34poT7nCivbLUbWMDRBk7WCt6YgydmGudJ7tbcSuq-bCsJAu3lRZ_2UTB_K__J59EvzkWjtTls10LntWLJlA1_ApntNaO9c_1lzN3a44lKgNDksMzDF7J84KzYDjSdurzQlqzcbUhrijMASrGLKykvwXn7A5Sp6ciMKptF2FKZMvmNXHl1Sx8R_3KQ&sai=AMfl-YQ8yv92217PQ0Kxonf-loXK4QluKRtaaxwPx4iWwF7i_5K3YelpT16pKGqGQRx3xMTFJIMWfWORS0_4CoxGuAYSe895PFWNAs4BY5u8K_W0kbcBIVEoH28Or3he83e-&sig=Cg0ArKJSzJNnwjffHoa6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame 4ADB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4980
x-xss-protection
0
date
Fri, 18 Feb 2022 08:30:29 GMT
expires
Sat, 19 Feb 2022 08:30:29 GMT
cache-control
public, max-age=86400
age
39460
etag
12223946614886178233
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame BF42 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe0a348ab1514f7e456a57a4c604299afedb144ac35409803a4277423de868a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1367
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5311
x-xss-protection
0
server
cafe
etag
13703302848655719195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 20:05:22 GMT
trk.js
cdn.adnxs.com/v/s/223/ Frame BF42 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/223/trk.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:08 GMT
Content-Encoding
gzip
Age
202251
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29208
X-Served-By
cache-lga13621-LGA, cache-yul12834-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Wed, 16 Feb 2022 11:17:05 GMT
Server
AkamaiNetStorage
X-Timer
S1645212489.985449,VS0,VE0
ETag
"c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 16 Feb 2023 11:17:17 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 326210
it
nym1-ib.adnxs.com/ Frame BF42 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftinyurl.com%252Fmrczpmvu__%253B%2521%2521Iww4%25212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%2524&e=wqT_3QLiBuhiAwAAAwDWAAUBCMjmv5AGEPjj0LPVt_6YXhgAKjYJfSQlPQwt-D8Rhmghv4bp9D8ZAAAAgD0KEkAhhg0SACkRJAAxCRuw7z8ww_LOBTj0DkDlHkhlUKeiyyVY6KhLYABozZIOeOjmAoABAYoBA1VTRJIBAQb03gKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDIy2AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUN2Q1NldTdyWGJXbTF3b01Mb3dHOF9IMFNldkZ2RDREYXA5OXlhX095M3VZamdGSGJFRjZrWklqRjJ3alhZOFlya2prS3A3T2JtNXZ3YlFmQUtzcUJMOHdQTUZnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY3ODc0ODA3MDUwMTg2Mzg4NDAiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgD1rMv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAS7r9EdyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBcfY9_6w-YDePMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8IABAAGAAgADAAOLQEQADIB-jmAtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=fca5570db07f2217c4e5a273d3d75dd0d9b0cd77
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
57d640f6-a57c-42b9-abb3-2bdc0ab0bbaa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF42 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-B8Iu6gH6tSntZi2DjyuJHC_jsxwZxUsy8VyB1U3OhuaK7ym45CbCH-H_CBBy5HX530HVga2UyiTdiepxLIxeM4tbj28g
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF42 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
pixel
protected-by.clarium.io/ Frame BF42 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NjNQbkZGNXB5V0dCUW1EZEJCZTdtSEU3MjJNL2Rpc3RyaWN0bURNWDo3Mjh4OTA=&v=5&s=v31fs74sl8i&id=eyJwcmViaWQiOnsiYWRJZCI6IjUxZGU5NmQ5NTcyNmZjNCIsImNwbSI6MS42NTk4LCJzIjoiLzE5NjYxODYsMzQ3MTgzMTAvUHViX3Rpbnl1cmwuY29tXzcyOHg5MF83X2Rlc2t0b3BfYW5jaG9yXzAiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmRpc3RyaWN0bURNWDs3ODgyNzgxNSJ9&sb=undefined&cb=8024657&h=tinyurl.com&d=eyJ3aCI6Ik5qTlFia1pHTlhCNVYwZENVVzFFWkVKQ1pUZHRTRVUzTWpKTkwyUnBjM1J5YVdOMGJVUk5XRG8zTWpoNE9UQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJkaXN0cmljdG1ETVgiXSwiaGJfc2l6ZSI6WyI3Mjh4OTAiXX19LCJ3ciI6MH0=
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.215.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-215-219.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:09 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
osd.js
www.googletagservices.com/activeview/js/current/ Frame 943A 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950d74f4d58813a8cf61c47d04f1b5068b9ca1378e0dde97a340c5bc3540e2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29706
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015023167237"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
rd_log
nym1-ib.adnxs.com/ Frame 943A 		0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLPBHxPAgAAAwDWAAUBCMjmv5AGEKaK3ajjmZrYGhgAKjYJAA0BABENCCgAGQAAAKBH4RZAIRESACkRCfSoATEAAABA4XrsPzDQ8s4FOPQOQPQOSABQAFjpqEtgAGjNkg546OYCgAEBigEAkgEDVVNEmAGgAaAB2ASoAQGwAQC4AQDAAQDIAQDQAQDYAQDgAQDwAQD6AQxkbS1wbC0xNjc0MjfYAvU_4AL7qTzqAmtodHRwczovL3Rpbnl1cmwuY29tL21yY3pwbXZ1X187ISFJd3c0ITJ5RjFGTWlXQWNsaXJZdU9mbkp0M0ExOERpQWRIak11ekwyVWwtY0g0ZUFQMFdhZ04xTjRYRTFKVEhxRlZuN19QRG5oJIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9azL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4OagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAAAAANoGFgoQAAAAAAAAAAAAAAAAIbFgEAAYAOAGAPIGAggAgAcBiAcAoAcAugcPCAUaQCAAMAA4tARAAMgH6OYC0gcNVQkBOAjaBwYJJ0TgBwDqBwIIAPAHxP8HiggCEAA.&s=62daf326b3c52bfb19241ea2cd59a7c7601f3b87&bdref=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&bdtop=true&bdifs=1&bstk=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24,https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
60f76fa6-e900-4c33-8f83-97d224000673
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame D54B 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950d74f4d58813a8cf61c47d04f1b5068b9ca1378e0dde97a340c5bc3540e2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29706
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015023167237"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
rd_log
nym1-ib.adnxs.com/ Frame D54B 		0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLPBHxPAgAAAwDWAAUBCMjmv5AGEKaK3ajjmZrYGhgAKjYJAA0BABENCCgAGQAAAKBH4RZAIRESACkRCfSoATEAAABA4XrsPzDQ8s4FOPQOQPQOSABQAFjpqEtgAGjNkg546OYCgAEBigEAkgEDVVNEmAGgAaAB2ASoAQGwAQC4AQDAAQDIAQDQAQDYAQDgAQDwAQD6AQxkbS1wbC0xNjc0MjfYAvU_4AL7qTzqAmtodHRwczovL3Rpbnl1cmwuY29tL21yY3pwbXZ1X187ISFJd3c0ITJ5RjFGTWlXQWNsaXJZdU9mbkp0M0ExOERpQWRIak11ekwyVWwtY0g0ZUFQMFdhZ04xTjRYRTFKVEhxRlZuN19QRG5oJIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9azL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4OagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAAAAANoGFgoQAAAAAAAAAAAAAAAAIbFgEAAYAOAGAPIGAggAgAcBiAcAoAcAugcPCAUaQCAAMAA4tARAAMgH6OYC0gcNVQkBOAjaBwYJJ0TgBwDqBwIIAPAHxP8HiggCEAA.&s=62daf326b3c52bfb19241ea2cd59a7c7601f3b87&bdref=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&bdtop=true&bdifs=1&bstk=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24,https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
661171cb-762e-43ea-bc49-f7f632a503f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 26F8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYYkb6mrwEwAQ&v=APEucNX2xIZ4Ot4P85--JPC8x1HO1lwDWKCaKcfTyiTrybJk2c7LY0gA3nyHh1Lu814DG-qvnvNKapHaf-MdQ5mMHZdnLlUCaA
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 956E 		60 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwQSoli3LrueG7ow29Uk7gSyRgP1GIO8gfLvYlMYfCOku3sYPAGnz67y5qTO8gEBcNUdtXKcfKMv0rOkOR-ceGF6AtpZnH0I-b7Mo1onCQl_QuwDavrITheJRhF8E-LdvrsUVR909_LajqqgxnX4JRJv5bQ&dbm_d=AKAmf-B7NXjadsN1A7uiEmRfWaT9yLWwDGhdFH_PXn2_O12JiRsWos56aLun1xNXKMNMVrHamLiO2OZKTscoCIfuhY9opU7_1z-Cb7l-MP_F3y_bcsjrrXSPq_2uSt15U0cfPsLT9Q5ceyNlAT-rbeGbhIJ5TNxHTtSwInsDnsWvKd8GCkfSVN9HBHpWjBma3MT-hGlqF5OPezSK6DeMOYCLh5lh5so6Wqm8EqbeIPon7pa_p600Gp2EuCGyiyVs2pgdL21td0O2cSZZZjRN_MBktJY3QKaedGtKP9gK-2OoJHL4NoMhOx-1eY2fbpfGHzdXFTqFXmhFM9n7lt3XO9lg0jsYDvCIfehNTw5AaLIPVc092cedZeXJ4RnSoaJqGttSZxL1t6jMxqib3n_3vNNE1u8TkGwCoGybBZ4NLCTbDSAFq-9f4wTUiO-SKEFG5Xp0S1ZnqUsPNB288BpEUmsiO1a1fMgbgloJvLVyZshELwN-3bDdFRqNQRGUOzHEpds51VHsOAQcJkv0oZWWBUuVDmju-eAKO-tg3KbhjFq49tNThZ5o5thR7_aqGFO6ApN51nL5RPTR4PKXt1nIsv8e_pqt-9u6b8fdLEQNq6Tx0HJInD0iLGTv-4TWY-ZmN90v6DqMAHzuRkK4r4gP3i7N2vIQuIqPEeVUDWS69DYlXG8QFgybmkypEHAzvfmBCcTmJIsh4q5zNR9lir5G7TVtPyC6cEKADA5SlpglHpxkPa2I2c1pSGEmNITNi7EQUL2cKkKtnKKRqiVbueGf_4QFDZasZmaTHqIKBrUdEJ0dvGfPyZelJh8k4d4chzICqItNLruiMDtGghAX4g2zFBaAoSK3r8GSLQM-PyDoAxqS47EMFxq7_42tUWD7Btc6bTEwtDTCt3wrdz_3mEjIiJZOLsKp23MngaCrPmai25tkNxe3aCME8tch5lUn8aEYJY0Iy2Q96HmhtyVt-fThVROBp8wPcAWLw6KtcP9AY2qpGBmjC6zkcfuVABXsLREkOiyYjQ925rzsnu8XENIhXGj-L-5Lk-T_OuhRpBteOQ5Q1ds70BSMOxn-9tiqkG8uTpWZDn-yh8WLczjCSHKYLGvSyCq79qDgSZgF89TeXJBxseLKPeJWFpPvdbn7HrfqH_eCmK_nysj6jNQ3l_W0cYS0p6BwdYE8XpWme63RUPplxMLWOOFLoAeCJMHvuUO-WIW6ljsJvr45RFHOjSCFzCOTDGg7o3Vf27JQiFq6GQYQsvNyum4oRXLev3iZ_tl4W_9LCxIVLIMb3WW4--JaSc57S9d5GqnoSkAyJCk6Ejk-_ze-4QTTFtbtzL7KOu2S6JOhVKit3KGPpX-VFZso6J4a3Kc8Ox8JsSr2VfhFjLEJYLr8OWm4t94xydxDrvkMpAQXviV8u1xqYpM51GE2v9WNqlei3jItdHbzektRRPfynBN1yEIerbeSZuwfbqmT5PXDdGcHd_obrCTg3R23EMA3FuG409QD-2DEnCywbakydAbTFzQu17WxT9SR3HHlb0Z97eUdGNz5DGKZzXv6qs_ul9oR6HSToQZbR6-DHa9xlYvllaGFILrBYe2B3U_4CREm1s_Y7LtI-UtwjgzDt-PT5vbsovxZFquB0bff0_hhpmMbvKqRFKxOVgKMhQIw8WPAR_ILeNru1LCJMC6LyHzpTQtIZWc1rPSJQY36Culw6io5J4hDfjT4QglCdkekNvL45CDCPQXTBmdT0xz9ZElEU-fUaUdYsN1GgT_9isvdVXtfZgaLXWhboJz_P8odS3yPFu1ZTlb72i_gRyVBgFHxpI4cWaqJGlWrSb18JmFmgEHe-Y2SdlMr0Vp6fz_RsmOBPGVsOz1KyK5HjtULDbvlJYB6-lfmNrNL2ueCKTAnqjgI8bWnrWcOwaAvtwtZWtbGpcH4wcH-kD50bhbc2VPL8EHqanOaWM_JvhbB4ZKveqNMok0c5ATobUyUyLpRIHDJoOtSGOiSumFUFAcHnz_XxtH5tgxnGmHbqNHgE_MhIfklOxJ6Is0XVUejoyS6iT0rcaZBty0-nvqXgM7IXYdhW1D_iLoSB-gvKiE4R2Kdnys7B_1ap5SFXifFjYW4aDNfqKUGDkvVZr72_7zuqAfoJZRAjeZtfYy6BoUETSFxIUl8AB1NWW2XQA3Th_xmbQbEc98JIvGZwxCN1NoDQkhNz7Il3RK3j2K_zhsKYvD3A9KSVdcOCjtLQL26M7JtLnQQB9zOOzCV4n2PPZ61WcqqfYPnpyNVRFXN9nj-sEo_mVN9Lpd0IFNT8PG95EHSrZ5BRKfuy0_b4egXbSoxFXoaLji-HGdEKw6Fv6ui8eeXsHyKqkqVoEyaNboLUrl9k4yt6ljrax2SAhbbgm9ljuxINalLQxzyuyFBvTJ0I1UHptuLh0p1cYWnpK6WkkUdvUAsPbMTAGL4rIa0NsMJI0WnOHeJ-vUPOMUxKMa1zw9Z8PwAbuYEUkbfNU6hDu-6CnKq9yP010HJMhGok6QQA9tUInPpilsrf1Py4t3mA8Xc9jQ5ikCOwytGOaiBDotG28jekrSbWrNxLp_eqGo6O442liVvJSohLLbYBKjvu4lsWpLcRoYEa4rv760zklzVdkpjU7pS-eMRqXGJmo0iz7TDC1G_xWUbz_YX3uQXPHpotRWiEsd5_yViUR77kkQmYT_hQ7_FUEmbtQnpDHKhvLQQP5Y5AD4gsBVu4nC5Mj3cAwBiZmDdcWpm_6Q9Dnm-b_nqBe9GBt2wC-GKLGJtwlPj5DjJ0H2Z1S1eFOxFoqYabI7Nz96j6Qqf6vLam6oKtjVt5CygFkOn2g_O1JoG08FpMI9EXOMb6CvTiFVaFab6napRbjxF0NqLHHM6pKtpVXO_6N8GGUMLkSWCdrDnJ5P-5ysTp-11lYRpBkKIEaNxL2WWgQK80TS5BHaTtrgs0bqU0xMwAZWX0tdr8E4HPmXt0Ib1537GyOdZoykEUy5SR2U_gsW5GD24u_Olt5hrXbqeWxqA7a5eEiWaC8nYdTraXVwNbr-ORwrze9V-Bl9sZ32-O76rRI_Lc8qnl9d5961U9a2tMgPjVELn8KjHNiKiLT96IplKbf6jN-nYZu2TJsCIqy_tuZLgkZNqlsSpB4zmSrY1JURq3HhTsiuuEIDxGibY6KcuzuT6IyrRDDFQcF5ZPVkDnmZXCADEAbMrxqt5Is_jAqk0x5aoupaOCPUrqfGEtQtrldYPeeVH7uAq4AhvyiWVTEOw5t8pMAxi5QUVOn9mv9jqqswKjrkOxkitZqUoRjiAZQ&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&rfl=1%2Chttps%253A%252F%252Ftinyurl.com%252F%240
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
862aae49e4e3302a075e4392aabed73d8bf6c55b7aa374569cae4f1b840189cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29858
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 956E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXEaQtVS27df6iLaH5bNelLTMCTUscbVOWDrkJ2WTSqZ8RtcIdBDi5qYwB5bi2tFdfDhvwt4qC8z4JlnDfjLdpkqFsw48K8SQm7KqFRBYdyglPhNg
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 956E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:26:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 956E 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 956E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:26 GMT
l
www.google.com/ads/measurement/ Frame 956E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDL_Sw0Lk7JT2Pc75yQwmoHtCBJOqeVT5ibcvQLHnmFLwIbEpdxkBvEicnlFsteYSEhLgp7cerxeryMrznslldjLkdRw
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ Frame BF42 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950d74f4d58813a8cf61c47d04f1b5068b9ca1378e0dde97a340c5bc3540e2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29706
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015023167237"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
rd_log
nym1-ib.adnxs.com/ Frame BF42 		0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLPBHxPAgAAAwDWAAUBCMjmv5AGEKaK3ajjmZrYGhgAKjYJAA0BABENCCgAGQAAAKBH4RZAIRESACkRCfSoATEAAABA4XrsPzDQ8s4FOPQOQPQOSABQAFjpqEtgAGjNkg546OYCgAEBigEAkgEDVVNEmAGgAaAB2ASoAQGwAQC4AQDAAQDIAQDQAQDYAQDgAQDwAQD6AQxkbS1wbC0xNjc0MjfYAvU_4AL7qTzqAmtodHRwczovL3Rpbnl1cmwuY29tL21yY3pwbXZ1X187ISFJd3c0ITJ5RjFGTWlXQWNsaXJZdU9mbkp0M0ExOERpQWRIak11ekwyVWwtY0g0ZUFQMFdhZ04xTjRYRTFKVEhxRlZuN19QRG5oJIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9azL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4OagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAAAAANoGFgoQAAAAAAAAAAAAAAAAIbFgEAAYAOAGAPIGAggAgAcBiAcAoAcAugcPCAUaQCAAMAA4tARAAMgH6OYC0gcNVQkBOAjaBwYJJ0TgBwDqBwIIAPAHxP8HiggCEAA.&s=62daf326b3c52bfb19241ea2cd59a7c7601f3b87&bdref=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&bdtop=true&bdifs=1&bstk=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24,https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e2a6ed93-29c3-429d-b5ca-76f408ff1a8b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 943A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoW6ua9hRvEyrdjPLBjWDCN3jiy57ZK_e3yi1Ai8SeiF5CmyUJVfCYACAAjPM6gY0RZec-rQiRlRXzIZehX6VZElhvqmxGKDz8Kep5rnRDwYb-6_QK-I9A5EqqQCFJYiwDTcmO36EspD0OD8QtWqRLTg0aoRqun8dOZkQ7WJAHmd63ok6pQmgVDlJNjLU07FdBZwrvitHkQTeK0QC_u5_R2Px86evPVAqOHxmBQDR6ofL3I66fjA9B4aXOUSBllaQFD1LpicrZ5PwZk0K6RLMfwkcR-vA88uQ_vKY2QoyBpRHQp9bvxAsY6W6EkwfQrF9xTg&sai=AMfl-YRIZ5QzxgVwbVVtj69cT6kt-bhBRO5DI18jpivNKsSn5ifwD1afWl4DeSrG1k_0jSrIrSmuv8oAAqW-wdds8FtYEeQFDjLfbbbkz3nltmM9OkQuQLTjKMZ249O4bZCR&sig=Cg0ArKJSzJkPrOab_R51EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Feb 2022 19:28:09 GMT
truncated
/ Frame 943A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
412f3961ce97612bc2e66d2bb2918eeb92b9cad33630264e2fc6cb30d10dc4e1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame 943A 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLiBuhiAwAAAwDWAAUBCMjmv5AGEKiEqaiB3pe6YxgAKjYJYU87_DWZ9T8RlXYPdcSu8j8ZAAAAgD0KEkAhlQ0SACkRJAAxCRuw7z8ww_LOBTj0DkDlHkhlUKeiyyVY6ahLYABozZIOeOjmAoABAYoBA1VTRJIBAQb03gKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDIy2AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLURPeTlvak1VM09LRVpZV2JvMlYyck9iZlNTMURvY1RXXzB6YnU3aWNVMmtJNjhMRjQ2RTlMNkZxdk5YM3hGSWlYVXFUZ3dIMklIUWFIR0gtY2lEOUtQUGNVX1dBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzcxNjY0NTcyOTIyOTE0NTc1NzYiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgD1rMv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAS7r9EdyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBduwoqiUluDKH8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8IABAAGAAgADAAOLQEQADIB-jmAtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=963957afbeadf138f61cffe74efc15658bcdd78f&type=nv&nvt=5&jm=1003&px=523&py=123&bw=728&bh=90&sid=1962093761280211422&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11778371&sw=1600&sh=1200&pw=1600&ph=1345&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bf4651a6-77ac-4cc5-8a21-5f4a739a810c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D54B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv37ZuwavOE2YqoEC1CgYSmWUn12Iear-cZK-6pqFoOwW1ADsby4oxpJRQhpcloYiSimrQFfs5Zaieu4RnqtxQFSxYnJCPxMIvPVR1ajxYc9L_HjT9dj4HXcPM-USglinyq6Xl4VN1s2GnUh58wJD9SKH1nzx-3y962vWpAfDHCCn0TYf8vKhMk2dB00o1rzACd_z4R7P-bM-kQPidqZQuG96qCSCVOKKFsnkDQgw_j9HkQ61SS0MQ3Na7N_QsrN4k1QJvDB1LHVv87nZKPOEZiI_m7Spuy8n7hBH3aNDBSsD6DaN3K8HZL8AQIi7LfwIwJ&sai=AMfl-YSnMl1nMUgDS6bQ0-FIp9WV0TTP7L7idDoEQfW5H7J-zC2dAAshCQfCV0n5T8mrVMDLtMzbnfHy0GMy2rYN5P95VzyyqcHzwAJNPogewluQ5kKGCrBOfj7bLXcoUZTs&sig=Cg0ArKJSzIQ1iDn7G6bXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Feb 2022 19:28:09 GMT
truncated
/ Frame D54B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1246a7b313c3ce51bb6d105aa828db4191e45e8504041d24a79baea6065554a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=196261077476671&ev=Microdata&dl=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&rl=&if=false&ts=1645212489173&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL%22%2C%22meta%3Adescription%22%3A%22TinyURL.com%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.%22%2C%22meta%3Akeywords%22%3A%22tinyurl%20url%20save%20share%20shorten%20analyze%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645212487604.1714099226&it=1645212487505&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 18 Feb 2022 19:28:09 GMT
adfetch
googleads.g.doubleclick.net/pagead/ Frame 5831 		75 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43ba8828a06da01148064fac188b245939b9ca40b687c0c429b093cb44e6d00a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30487
x-xss-protection
0
adfetch
googleads.g.doubleclick.net/pagead/ Frame E7DC 		76 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0770572cebdb454faf21a005493e9274a9aa066143877988049a7a56e557ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30567
x-xss-protection
0
vevent
nym1-ib.adnxs.com/ Frame D54B 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLjBuhjAwAAAwDWAAUBCMjmv5AGEM3n59S65vu-CxgAKjYJAwmKH2Pu4j8RWwpI-x9g4D8ZAAAAgOvRIkAhWw0SACkRJMgxAAAAoHA9-j8wwPLOBTj0DkDlHkhlUKGf6SRY6ahLYABozZIOeOjmAoABAYoBA1VTRJIFBvRuApgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDE52AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-kBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLURLV0l4VXFkYnBFazVWM1BqX3BrdmhRekthY2p3UmtTVnUzY19uMW1RdDBJOURYQldFTmoteUp0YjBJbkJmcW9IRHFBM3I1SWpBS2ZLb0ZOZlJOb1dnVnAzRlVnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjgyODA4MDkxMTY5MDYyNTk5NyIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2APWsy_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAShr9EdyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBevb1pL2gpChDcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAATgNAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8BWEwYACAAMAA4tARAAMgH6OYC0gcNCQ1GBUcI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=5bbde2cc40dd86521007ea8442b777b2cab14f1b&type=nv&nvt=5&jm=1003&px=1280&py=243&bw=300&bh=250&sid=1962093761280211422&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11778368&sw=1600&sh=1200&pw=1600&ph=1345&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
328d2edb-c831-4179-b98d-3165008add51
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BF42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUVTTyuPrvPic_LAqLjj6hhDir-ZUYD8mZhIMyNjGgbWljIUSQJqVzODhj7nKwWEcF9f9d_Gv9q7NYP1HNRwU-2Ym7Su7AGqrsfSipryvmM_a46aaFtsH0qgABaSltdZcRsUBUS2hcN1Fv0PT43iFGWpCG20ttSEecXHSPQ0R4GAK0BPuGCimngvc5513WGm9foko_Vf2lJwFcQmMttSFgLBrxBEPG-ffcsqCsTBtS_82VxfQwodwR7HaZyO-SPsFoVud7_loT4CCDg1e9iZvMNHMamUpeD1UUWSvnwsOzwqgPoFX1gbF3S5iTk9IGDvx5rA&sai=AMfl-YR9EKwi4K0ZOnnx0MyvP0GKxET09foTRU0p1NlDGPdR8OUo2TFPGys83SIk3jetPjBjlkVTNJvpv7_EpNyWPemHAuXtFdN1CzSyBb864LKzjNTtTZJWxMIMUkcoKu-p&sig=Cg0ArKJSzAIBD5v7wbE-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Feb 2022 19:28:09 GMT
truncated
/ Frame BF42 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfb767d1c07ff4acc02cfdb01d9b597969a42da5e0cb3c3dc82d8216b35e1872

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 956E 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwQSoli3LrueG7ow29Uk7gSyRgP1GIO8gfLvYlMYfCOku3sYPAGnz67y5qTO8gEBcNUdtXKcfKMv0rOkOR-ceGF6AtpZnH0I-b7Mo1onCQl_QuwDavrITheJRhF8E-LdvrsUVR909_LajqqgxnX4JRJv5bQ&dbm_d=AKAmf-B7NXjadsN1A7uiEmRfWaT9yLWwDGhdFH_PXn2_O12JiRsWos56aLun1xNXKMNMVrHamLiO2OZKTscoCIfuhY9opU7_1z-Cb7l-MP_F3y_bcsjrrXSPq_2uSt15U0cfPsLT9Q5ceyNlAT-rbeGbhIJ5TNxHTtSwInsDnsWvKd8GCkfSVN9HBHpWjBma3MT-hGlqF5OPezSK6DeMOYCLh5lh5so6Wqm8EqbeIPon7pa_p600Gp2EuCGyiyVs2pgdL21td0O2cSZZZjRN_MBktJY3QKaedGtKP9gK-2OoJHL4NoMhOx-1eY2fbpfGHzdXFTqFXmhFM9n7lt3XO9lg0jsYDvCIfehNTw5AaLIPVc092cedZeXJ4RnSoaJqGttSZxL1t6jMxqib3n_3vNNE1u8TkGwCoGybBZ4NLCTbDSAFq-9f4wTUiO-SKEFG5Xp0S1ZnqUsPNB288BpEUmsiO1a1fMgbgloJvLVyZshELwN-3bDdFRqNQRGUOzHEpds51VHsOAQcJkv0oZWWBUuVDmju-eAKO-tg3KbhjFq49tNThZ5o5thR7_aqGFO6ApN51nL5RPTR4PKXt1nIsv8e_pqt-9u6b8fdLEQNq6Tx0HJInD0iLGTv-4TWY-ZmN90v6DqMAHzuRkK4r4gP3i7N2vIQuIqPEeVUDWS69DYlXG8QFgybmkypEHAzvfmBCcTmJIsh4q5zNR9lir5G7TVtPyC6cEKADA5SlpglHpxkPa2I2c1pSGEmNITNi7EQUL2cKkKtnKKRqiVbueGf_4QFDZasZmaTHqIKBrUdEJ0dvGfPyZelJh8k4d4chzICqItNLruiMDtGghAX4g2zFBaAoSK3r8GSLQM-PyDoAxqS47EMFxq7_42tUWD7Btc6bTEwtDTCt3wrdz_3mEjIiJZOLsKp23MngaCrPmai25tkNxe3aCME8tch5lUn8aEYJY0Iy2Q96HmhtyVt-fThVROBp8wPcAWLw6KtcP9AY2qpGBmjC6zkcfuVABXsLREkOiyYjQ925rzsnu8XENIhXGj-L-5Lk-T_OuhRpBteOQ5Q1ds70BSMOxn-9tiqkG8uTpWZDn-yh8WLczjCSHKYLGvSyCq79qDgSZgF89TeXJBxseLKPeJWFpPvdbn7HrfqH_eCmK_nysj6jNQ3l_W0cYS0p6BwdYE8XpWme63RUPplxMLWOOFLoAeCJMHvuUO-WIW6ljsJvr45RFHOjSCFzCOTDGg7o3Vf27JQiFq6GQYQsvNyum4oRXLev3iZ_tl4W_9LCxIVLIMb3WW4--JaSc57S9d5GqnoSkAyJCk6Ejk-_ze-4QTTFtbtzL7KOu2S6JOhVKit3KGPpX-VFZso6J4a3Kc8Ox8JsSr2VfhFjLEJYLr8OWm4t94xydxDrvkMpAQXviV8u1xqYpM51GE2v9WNqlei3jItdHbzektRRPfynBN1yEIerbeSZuwfbqmT5PXDdGcHd_obrCTg3R23EMA3FuG409QD-2DEnCywbakydAbTFzQu17WxT9SR3HHlb0Z97eUdGNz5DGKZzXv6qs_ul9oR6HSToQZbR6-DHa9xlYvllaGFILrBYe2B3U_4CREm1s_Y7LtI-UtwjgzDt-PT5vbsovxZFquB0bff0_hhpmMbvKqRFKxOVgKMhQIw8WPAR_ILeNru1LCJMC6LyHzpTQtIZWc1rPSJQY36Culw6io5J4hDfjT4QglCdkekNvL45CDCPQXTBmdT0xz9ZElEU-fUaUdYsN1GgT_9isvdVXtfZgaLXWhboJz_P8odS3yPFu1ZTlb72i_gRyVBgFHxpI4cWaqJGlWrSb18JmFmgEHe-Y2SdlMr0Vp6fz_RsmOBPGVsOz1KyK5HjtULDbvlJYB6-lfmNrNL2ueCKTAnqjgI8bWnrWcOwaAvtwtZWtbGpcH4wcH-kD50bhbc2VPL8EHqanOaWM_JvhbB4ZKveqNMok0c5ATobUyUyLpRIHDJoOtSGOiSumFUFAcHnz_XxtH5tgxnGmHbqNHgE_MhIfklOxJ6Is0XVUejoyS6iT0rcaZBty0-nvqXgM7IXYdhW1D_iLoSB-gvKiE4R2Kdnys7B_1ap5SFXifFjYW4aDNfqKUGDkvVZr72_7zuqAfoJZRAjeZtfYy6BoUETSFxIUl8AB1NWW2XQA3Th_xmbQbEc98JIvGZwxCN1NoDQkhNz7Il3RK3j2K_zhsKYvD3A9KSVdcOCjtLQL26M7JtLnQQB9zOOzCV4n2PPZ61WcqqfYPnpyNVRFXN9nj-sEo_mVN9Lpd0IFNT8PG95EHSrZ5BRKfuy0_b4egXbSoxFXoaLji-HGdEKw6Fv6ui8eeXsHyKqkqVoEyaNboLUrl9k4yt6ljrax2SAhbbgm9ljuxINalLQxzyuyFBvTJ0I1UHptuLh0p1cYWnpK6WkkUdvUAsPbMTAGL4rIa0NsMJI0WnOHeJ-vUPOMUxKMa1zw9Z8PwAbuYEUkbfNU6hDu-6CnKq9yP010HJMhGok6QQA9tUInPpilsrf1Py4t3mA8Xc9jQ5ikCOwytGOaiBDotG28jekrSbWrNxLp_eqGo6O442liVvJSohLLbYBKjvu4lsWpLcRoYEa4rv760zklzVdkpjU7pS-eMRqXGJmo0iz7TDC1G_xWUbz_YX3uQXPHpotRWiEsd5_yViUR77kkQmYT_hQ7_FUEmbtQnpDHKhvLQQP5Y5AD4gsBVu4nC5Mj3cAwBiZmDdcWpm_6Q9Dnm-b_nqBe9GBt2wC-GKLGJtwlPj5DjJ0H2Z1S1eFOxFoqYabI7Nz96j6Qqf6vLam6oKtjVt5CygFkOn2g_O1JoG08FpMI9EXOMb6CvTiFVaFab6napRbjxF0NqLHHM6pKtpVXO_6N8GGUMLkSWCdrDnJ5P-5ysTp-11lYRpBkKIEaNxL2WWgQK80TS5BHaTtrgs0bqU0xMwAZWX0tdr8E4HPmXt0Ib1537GyOdZoykEUy5SR2U_gsW5GD24u_Olt5hrXbqeWxqA7a5eEiWaC8nYdTraXVwNbr-ORwrze9V-Bl9sZ32-O76rRI_Lc8qnl9d5961U9a2tMgPjVELn8KjHNiKiLT96IplKbf6jN-nYZu2TJsCIqy_tuZLgkZNqlsSpB4zmSrY1JURq3HhTsiuuEIDxGibY6KcuzuT6IyrRDDFQcF5ZPVkDnmZXCADEAbMrxqt5Is_jAqk0x5aoupaOCPUrqfGEtQtrldYPeeVH7uAq4AhvyiWVTEOw5t8pMAxi5QUVOn9mv9jqqswKjrkOxkitZqUoRjiAZQ&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&rfl=1%2Chttps%253A%252F%252Ftinyurl.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:24:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 956E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwQSoli3LrueG7ow29Uk7gSyRgP1GIO8gfLvYlMYfCOku3sYPAGnz67y5qTO8gEBcNUdtXKcfKMv0rOkOR-ceGF6AtpZnH0I-b7Mo1onCQl_QuwDavrITheJRhF8E-LdvrsUVR909_LajqqgxnX4JRJv5bQ&dbm_d=AKAmf-B7NXjadsN1A7uiEmRfWaT9yLWwDGhdFH_PXn2_O12JiRsWos56aLun1xNXKMNMVrHamLiO2OZKTscoCIfuhY9opU7_1z-Cb7l-MP_F3y_bcsjrrXSPq_2uSt15U0cfPsLT9Q5ceyNlAT-rbeGbhIJ5TNxHTtSwInsDnsWvKd8GCkfSVN9HBHpWjBma3MT-hGlqF5OPezSK6DeMOYCLh5lh5so6Wqm8EqbeIPon7pa_p600Gp2EuCGyiyVs2pgdL21td0O2cSZZZjRN_MBktJY3QKaedGtKP9gK-2OoJHL4NoMhOx-1eY2fbpfGHzdXFTqFXmhFM9n7lt3XO9lg0jsYDvCIfehNTw5AaLIPVc092cedZeXJ4RnSoaJqGttSZxL1t6jMxqib3n_3vNNE1u8TkGwCoGybBZ4NLCTbDSAFq-9f4wTUiO-SKEFG5Xp0S1ZnqUsPNB288BpEUmsiO1a1fMgbgloJvLVyZshELwN-3bDdFRqNQRGUOzHEpds51VHsOAQcJkv0oZWWBUuVDmju-eAKO-tg3KbhjFq49tNThZ5o5thR7_aqGFO6ApN51nL5RPTR4PKXt1nIsv8e_pqt-9u6b8fdLEQNq6Tx0HJInD0iLGTv-4TWY-ZmN90v6DqMAHzuRkK4r4gP3i7N2vIQuIqPEeVUDWS69DYlXG8QFgybmkypEHAzvfmBCcTmJIsh4q5zNR9lir5G7TVtPyC6cEKADA5SlpglHpxkPa2I2c1pSGEmNITNi7EQUL2cKkKtnKKRqiVbueGf_4QFDZasZmaTHqIKBrUdEJ0dvGfPyZelJh8k4d4chzICqItNLruiMDtGghAX4g2zFBaAoSK3r8GSLQM-PyDoAxqS47EMFxq7_42tUWD7Btc6bTEwtDTCt3wrdz_3mEjIiJZOLsKp23MngaCrPmai25tkNxe3aCME8tch5lUn8aEYJY0Iy2Q96HmhtyVt-fThVROBp8wPcAWLw6KtcP9AY2qpGBmjC6zkcfuVABXsLREkOiyYjQ925rzsnu8XENIhXGj-L-5Lk-T_OuhRpBteOQ5Q1ds70BSMOxn-9tiqkG8uTpWZDn-yh8WLczjCSHKYLGvSyCq79qDgSZgF89TeXJBxseLKPeJWFpPvdbn7HrfqH_eCmK_nysj6jNQ3l_W0cYS0p6BwdYE8XpWme63RUPplxMLWOOFLoAeCJMHvuUO-WIW6ljsJvr45RFHOjSCFzCOTDGg7o3Vf27JQiFq6GQYQsvNyum4oRXLev3iZ_tl4W_9LCxIVLIMb3WW4--JaSc57S9d5GqnoSkAyJCk6Ejk-_ze-4QTTFtbtzL7KOu2S6JOhVKit3KGPpX-VFZso6J4a3Kc8Ox8JsSr2VfhFjLEJYLr8OWm4t94xydxDrvkMpAQXviV8u1xqYpM51GE2v9WNqlei3jItdHbzektRRPfynBN1yEIerbeSZuwfbqmT5PXDdGcHd_obrCTg3R23EMA3FuG409QD-2DEnCywbakydAbTFzQu17WxT9SR3HHlb0Z97eUdGNz5DGKZzXv6qs_ul9oR6HSToQZbR6-DHa9xlYvllaGFILrBYe2B3U_4CREm1s_Y7LtI-UtwjgzDt-PT5vbsovxZFquB0bff0_hhpmMbvKqRFKxOVgKMhQIw8WPAR_ILeNru1LCJMC6LyHzpTQtIZWc1rPSJQY36Culw6io5J4hDfjT4QglCdkekNvL45CDCPQXTBmdT0xz9ZElEU-fUaUdYsN1GgT_9isvdVXtfZgaLXWhboJz_P8odS3yPFu1ZTlb72i_gRyVBgFHxpI4cWaqJGlWrSb18JmFmgEHe-Y2SdlMr0Vp6fz_RsmOBPGVsOz1KyK5HjtULDbvlJYB6-lfmNrNL2ueCKTAnqjgI8bWnrWcOwaAvtwtZWtbGpcH4wcH-kD50bhbc2VPL8EHqanOaWM_JvhbB4ZKveqNMok0c5ATobUyUyLpRIHDJoOtSGOiSumFUFAcHnz_XxtH5tgxnGmHbqNHgE_MhIfklOxJ6Is0XVUejoyS6iT0rcaZBty0-nvqXgM7IXYdhW1D_iLoSB-gvKiE4R2Kdnys7B_1ap5SFXifFjYW4aDNfqKUGDkvVZr72_7zuqAfoJZRAjeZtfYy6BoUETSFxIUl8AB1NWW2XQA3Th_xmbQbEc98JIvGZwxCN1NoDQkhNz7Il3RK3j2K_zhsKYvD3A9KSVdcOCjtLQL26M7JtLnQQB9zOOzCV4n2PPZ61WcqqfYPnpyNVRFXN9nj-sEo_mVN9Lpd0IFNT8PG95EHSrZ5BRKfuy0_b4egXbSoxFXoaLji-HGdEKw6Fv6ui8eeXsHyKqkqVoEyaNboLUrl9k4yt6ljrax2SAhbbgm9ljuxINalLQxzyuyFBvTJ0I1UHptuLh0p1cYWnpK6WkkUdvUAsPbMTAGL4rIa0NsMJI0WnOHeJ-vUPOMUxKMa1zw9Z8PwAbuYEUkbfNU6hDu-6CnKq9yP010HJMhGok6QQA9tUInPpilsrf1Py4t3mA8Xc9jQ5ikCOwytGOaiBDotG28jekrSbWrNxLp_eqGo6O442liVvJSohLLbYBKjvu4lsWpLcRoYEa4rv760zklzVdkpjU7pS-eMRqXGJmo0iz7TDC1G_xWUbz_YX3uQXPHpotRWiEsd5_yViUR77kkQmYT_hQ7_FUEmbtQnpDHKhvLQQP5Y5AD4gsBVu4nC5Mj3cAwBiZmDdcWpm_6Q9Dnm-b_nqBe9GBt2wC-GKLGJtwlPj5DjJ0H2Z1S1eFOxFoqYabI7Nz96j6Qqf6vLam6oKtjVt5CygFkOn2g_O1JoG08FpMI9EXOMb6CvTiFVaFab6napRbjxF0NqLHHM6pKtpVXO_6N8GGUMLkSWCdrDnJ5P-5ysTp-11lYRpBkKIEaNxL2WWgQK80TS5BHaTtrgs0bqU0xMwAZWX0tdr8E4HPmXt0Ib1537GyOdZoykEUy5SR2U_gsW5GD24u_Olt5hrXbqeWxqA7a5eEiWaC8nYdTraXVwNbr-ORwrze9V-Bl9sZ32-O76rRI_Lc8qnl9d5961U9a2tMgPjVELn8KjHNiKiLT96IplKbf6jN-nYZu2TJsCIqy_tuZLgkZNqlsSpB4zmSrY1JURq3HhTsiuuEIDxGibY6KcuzuT6IyrRDDFQcF5ZPVkDnmZXCADEAbMrxqt5Is_jAqk0x5aoupaOCPUrqfGEtQtrldYPeeVH7uAq4AhvyiWVTEOw5t8pMAxi5QUVOn9mv9jqqswKjrkOxkitZqUoRjiAZQ&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&rfl=1%2Chttps%253A%252F%252Ftinyurl.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:23:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 956E 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteLLnSpka-6TCSqpW6YzUWM9pq_6dINavNINb_U6OUPSGzsvU-h0FTjmyMyguzrGN2HaGxqR89G6V1aX-lpUDgjXCcjbGSvcSfDrNSrlKBJTc4krmIZDNVV4q9YTNzL1FARJccoOXHarazaZlZvS1bfubWylsstfMmo6dSJrc8j4omigOcJbdf7tijroH7ZiugrRu_a1fh5ngBSzt1_Fq3cZSA2uVC2kdMinD1NxLSO-Y5PZOs2OjtiJ8rSolFz9k7J3FiJfJGt1frAQYeNdxMxOB1QHxa_2YsNvLnhK7ZiT8OtUlhLf6pHX2b-VoJ_6hUd1iUSSEJcSy-EotRf0cZVCbfaN-hIzLt7lQs1Vj0CKaocZUY7A_cFAzA4X0CKlKvNJTrKyLGlXmPFVjxbuUs90UmzU_hRFT2UTiURQVy5P2e4rFynsbVLRdD5qXk2uuK9Ceq3BIdZPzWRpAIV_CRd83yTl9nNgxB2ST5vrLCUmnYB7Lr6vW4OJ2Mee20kwcEvViNYr9XCGdjNL-lIu8DxVQMa93bSCyuS9uBnpn8CFPGNlYpcUZQKi1qZ8PjIEmzpHKjTVYnlIQvl-PXv_FCclGf_Ggc16oO4DzMRs5kviM4a9KTRRIQPRbk3bUe3F3hhd1j0vJY3rMtxxLvPfAql475hi9xIVwnzO1Mckysj-4ijoo1nAw8vEe2af3fFrIV9nxUuexeFW9jOvCVcZtJXHAptesHESGvLFZdRgr2kXzXimRuK0l7csI9WjTuSYOXEQILZGAW8g2PKmS-0n7-F3oqcQ9wxzN2g5J5QlfxGvjdVFGZkh9NuyGAhSVtvXO2e0KOoEPaPkewt3Wa8HEhfRYRDg3C1R8cixr_JOBYrPnbIh6TH9SfJ0ig1r6MdwHgYUTS6Bw_pmlBVrRCXhRtZq4fy_7FIJBm85Be-CvRXKCbN5xC5wZCwpxvQZl6o5USadqCk7pHeurao5InuNteqFyMFQ8ogg6v5sLDbpwfODKu_layBBgPJOetmvYupIBKU5tF7vOmj3qO8glyjYYdDEXIJIai9yrlZkbY19aygHeJYRzL0e7X8BNnRA22aGrQuoZZoKHcW72L6g-VjRrY8i_AAzC2s03gfSlFRJaEdayTLCt8iDxkxZ4T-1erlLWg3pj3fAzro0oqzEsk4lcs5g&sai=AMfl-YS0BW-ZixSs87VLhFt8qcvWFZn3zGb84qEkiPfRRLMhA6fFSJURi30RHxOaGPtreSG2XElMpyzw-b_Yofdu9WxiqQHbib09h6adSfG28Dibq2KHIp3cLDheMAoAi8L_nVqlykR3s4485M9byEvl6Mg-3Z23YEOJp6AKgkg&sig=Cg0ArKJSzPjnlOG-sMC5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220216.53485&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwQSoli3LrueG7ow29Uk7gSyRgP1GIO8gfLvYlMYfCOku3sYPAGnz67y5qTO8gEBcNUdtXKcfKMv0rOkOR-ceGF6AtpZnH0I-b7Mo1onCQl_QuwDavrITheJRhF8E-LdvrsUVR909_LajqqgxnX4JRJv5bQ&dbm_d=AKAmf-B7NXjadsN1A7uiEmRfWaT9yLWwDGhdFH_PXn2_O12JiRsWos56aLun1xNXKMNMVrHamLiO2OZKTscoCIfuhY9opU7_1z-Cb7l-MP_F3y_bcsjrrXSPq_2uSt15U0cfPsLT9Q5ceyNlAT-rbeGbhIJ5TNxHTtSwInsDnsWvKd8GCkfSVN9HBHpWjBma3MT-hGlqF5OPezSK6DeMOYCLh5lh5so6Wqm8EqbeIPon7pa_p600Gp2EuCGyiyVs2pgdL21td0O2cSZZZjRN_MBktJY3QKaedGtKP9gK-2OoJHL4NoMhOx-1eY2fbpfGHzdXFTqFXmhFM9n7lt3XO9lg0jsYDvCIfehNTw5AaLIPVc092cedZeXJ4RnSoaJqGttSZxL1t6jMxqib3n_3vNNE1u8TkGwCoGybBZ4NLCTbDSAFq-9f4wTUiO-SKEFG5Xp0S1ZnqUsPNB288BpEUmsiO1a1fMgbgloJvLVyZshELwN-3bDdFRqNQRGUOzHEpds51VHsOAQcJkv0oZWWBUuVDmju-eAKO-tg3KbhjFq49tNThZ5o5thR7_aqGFO6ApN51nL5RPTR4PKXt1nIsv8e_pqt-9u6b8fdLEQNq6Tx0HJInD0iLGTv-4TWY-ZmN90v6DqMAHzuRkK4r4gP3i7N2vIQuIqPEeVUDWS69DYlXG8QFgybmkypEHAzvfmBCcTmJIsh4q5zNR9lir5G7TVtPyC6cEKADA5SlpglHpxkPa2I2c1pSGEmNITNi7EQUL2cKkKtnKKRqiVbueGf_4QFDZasZmaTHqIKBrUdEJ0dvGfPyZelJh8k4d4chzICqItNLruiMDtGghAX4g2zFBaAoSK3r8GSLQM-PyDoAxqS47EMFxq7_42tUWD7Btc6bTEwtDTCt3wrdz_3mEjIiJZOLsKp23MngaCrPmai25tkNxe3aCME8tch5lUn8aEYJY0Iy2Q96HmhtyVt-fThVROBp8wPcAWLw6KtcP9AY2qpGBmjC6zkcfuVABXsLREkOiyYjQ925rzsnu8XENIhXGj-L-5Lk-T_OuhRpBteOQ5Q1ds70BSMOxn-9tiqkG8uTpWZDn-yh8WLczjCSHKYLGvSyCq79qDgSZgF89TeXJBxseLKPeJWFpPvdbn7HrfqH_eCmK_nysj6jNQ3l_W0cYS0p6BwdYE8XpWme63RUPplxMLWOOFLoAeCJMHvuUO-WIW6ljsJvr45RFHOjSCFzCOTDGg7o3Vf27JQiFq6GQYQsvNyum4oRXLev3iZ_tl4W_9LCxIVLIMb3WW4--JaSc57S9d5GqnoSkAyJCk6Ejk-_ze-4QTTFtbtzL7KOu2S6JOhVKit3KGPpX-VFZso6J4a3Kc8Ox8JsSr2VfhFjLEJYLr8OWm4t94xydxDrvkMpAQXviV8u1xqYpM51GE2v9WNqlei3jItdHbzektRRPfynBN1yEIerbeSZuwfbqmT5PXDdGcHd_obrCTg3R23EMA3FuG409QD-2DEnCywbakydAbTFzQu17WxT9SR3HHlb0Z97eUdGNz5DGKZzXv6qs_ul9oR6HSToQZbR6-DHa9xlYvllaGFILrBYe2B3U_4CREm1s_Y7LtI-UtwjgzDt-PT5vbsovxZFquB0bff0_hhpmMbvKqRFKxOVgKMhQIw8WPAR_ILeNru1LCJMC6LyHzpTQtIZWc1rPSJQY36Culw6io5J4hDfjT4QglCdkekNvL45CDCPQXTBmdT0xz9ZElEU-fUaUdYsN1GgT_9isvdVXtfZgaLXWhboJz_P8odS3yPFu1ZTlb72i_gRyVBgFHxpI4cWaqJGlWrSb18JmFmgEHe-Y2SdlMr0Vp6fz_RsmOBPGVsOz1KyK5HjtULDbvlJYB6-lfmNrNL2ueCKTAnqjgI8bWnrWcOwaAvtwtZWtbGpcH4wcH-kD50bhbc2VPL8EHqanOaWM_JvhbB4ZKveqNMok0c5ATobUyUyLpRIHDJoOtSGOiSumFUFAcHnz_XxtH5tgxnGmHbqNHgE_MhIfklOxJ6Is0XVUejoyS6iT0rcaZBty0-nvqXgM7IXYdhW1D_iLoSB-gvKiE4R2Kdnys7B_1ap5SFXifFjYW4aDNfqKUGDkvVZr72_7zuqAfoJZRAjeZtfYy6BoUETSFxIUl8AB1NWW2XQA3Th_xmbQbEc98JIvGZwxCN1NoDQkhNz7Il3RK3j2K_zhsKYvD3A9KSVdcOCjtLQL26M7JtLnQQB9zOOzCV4n2PPZ61WcqqfYPnpyNVRFXN9nj-sEo_mVN9Lpd0IFNT8PG95EHSrZ5BRKfuy0_b4egXbSoxFXoaLji-HGdEKw6Fv6ui8eeXsHyKqkqVoEyaNboLUrl9k4yt6ljrax2SAhbbgm9ljuxINalLQxzyuyFBvTJ0I1UHptuLh0p1cYWnpK6WkkUdvUAsPbMTAGL4rIa0NsMJI0WnOHeJ-vUPOMUxKMa1zw9Z8PwAbuYEUkbfNU6hDu-6CnKq9yP010HJMhGok6QQA9tUInPpilsrf1Py4t3mA8Xc9jQ5ikCOwytGOaiBDotG28jekrSbWrNxLp_eqGo6O442liVvJSohLLbYBKjvu4lsWpLcRoYEa4rv760zklzVdkpjU7pS-eMRqXGJmo0iz7TDC1G_xWUbz_YX3uQXPHpotRWiEsd5_yViUR77kkQmYT_hQ7_FUEmbtQnpDHKhvLQQP5Y5AD4gsBVu4nC5Mj3cAwBiZmDdcWpm_6Q9Dnm-b_nqBe9GBt2wC-GKLGJtwlPj5DjJ0H2Z1S1eFOxFoqYabI7Nz96j6Qqf6vLam6oKtjVt5CygFkOn2g_O1JoG08FpMI9EXOMb6CvTiFVaFab6napRbjxF0NqLHHM6pKtpVXO_6N8GGUMLkSWCdrDnJ5P-5ysTp-11lYRpBkKIEaNxL2WWgQK80TS5BHaTtrgs0bqU0xMwAZWX0tdr8E4HPmXt0Ib1537GyOdZoykEUy5SR2U_gsW5GD24u_Olt5hrXbqeWxqA7a5eEiWaC8nYdTraXVwNbr-ORwrze9V-Bl9sZ32-O76rRI_Lc8qnl9d5961U9a2tMgPjVELn8KjHNiKiLT96IplKbf6jN-nYZu2TJsCIqy_tuZLgkZNqlsSpB4zmSrY1JURq3HhTsiuuEIDxGibY6KcuzuT6IyrRDDFQcF5ZPVkDnmZXCADEAbMrxqt5Is_jAqk0x5aoupaOCPUrqfGEtQtrldYPeeVH7uAq4AhvyiWVTEOw5t8pMAxi5QUVOn9mv9jqqswKjrkOxkitZqUoRjiAZQ&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&rfl=1%2Chttps%253A%252F%252Ftinyurl.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 18 Feb 2022 19:28:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
firstevent
scotiabank.demdex.net/ Frame 956E
Redirect Chain
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678
42 B
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
52.70.253.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-253-5.compute-1.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v028-0bffc0221.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZNAxBBRsT2o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v028-0675c1917.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6JlnTikoTuk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 956E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwQSoli3LrueG7ow29Uk7gSyRgP1GIO8gfLvYlMYfCOku3sYPAGnz67y5qTO8gEBcNUdtXKcfKMv0rOkOR-ceGF6AtpZnH0I-b7Mo1onCQl_QuwDavrITheJRhF8E-LdvrsUVR909_LajqqgxnX4JRJv5bQ&dbm_d=AKAmf-B7NXjadsN1A7uiEmRfWaT9yLWwDGhdFH_PXn2_O12JiRsWos56aLun1xNXKMNMVrHamLiO2OZKTscoCIfuhY9opU7_1z-Cb7l-MP_F3y_bcsjrrXSPq_2uSt15U0cfPsLT9Q5ceyNlAT-rbeGbhIJ5TNxHTtSwInsDnsWvKd8GCkfSVN9HBHpWjBma3MT-hGlqF5OPezSK6DeMOYCLh5lh5so6Wqm8EqbeIPon7pa_p600Gp2EuCGyiyVs2pgdL21td0O2cSZZZjRN_MBktJY3QKaedGtKP9gK-2OoJHL4NoMhOx-1eY2fbpfGHzdXFTqFXmhFM9n7lt3XO9lg0jsYDvCIfehNTw5AaLIPVc092cedZeXJ4RnSoaJqGttSZxL1t6jMxqib3n_3vNNE1u8TkGwCoGybBZ4NLCTbDSAFq-9f4wTUiO-SKEFG5Xp0S1ZnqUsPNB288BpEUmsiO1a1fMgbgloJvLVyZshELwN-3bDdFRqNQRGUOzHEpds51VHsOAQcJkv0oZWWBUuVDmju-eAKO-tg3KbhjFq49tNThZ5o5thR7_aqGFO6ApN51nL5RPTR4PKXt1nIsv8e_pqt-9u6b8fdLEQNq6Tx0HJInD0iLGTv-4TWY-ZmN90v6DqMAHzuRkK4r4gP3i7N2vIQuIqPEeVUDWS69DYlXG8QFgybmkypEHAzvfmBCcTmJIsh4q5zNR9lir5G7TVtPyC6cEKADA5SlpglHpxkPa2I2c1pSGEmNITNi7EQUL2cKkKtnKKRqiVbueGf_4QFDZasZmaTHqIKBrUdEJ0dvGfPyZelJh8k4d4chzICqItNLruiMDtGghAX4g2zFBaAoSK3r8GSLQM-PyDoAxqS47EMFxq7_42tUWD7Btc6bTEwtDTCt3wrdz_3mEjIiJZOLsKp23MngaCrPmai25tkNxe3aCME8tch5lUn8aEYJY0Iy2Q96HmhtyVt-fThVROBp8wPcAWLw6KtcP9AY2qpGBmjC6zkcfuVABXsLREkOiyYjQ925rzsnu8XENIhXGj-L-5Lk-T_OuhRpBteOQ5Q1ds70BSMOxn-9tiqkG8uTpWZDn-yh8WLczjCSHKYLGvSyCq79qDgSZgF89TeXJBxseLKPeJWFpPvdbn7HrfqH_eCmK_nysj6jNQ3l_W0cYS0p6BwdYE8XpWme63RUPplxMLWOOFLoAeCJMHvuUO-WIW6ljsJvr45RFHOjSCFzCOTDGg7o3Vf27JQiFq6GQYQsvNyum4oRXLev3iZ_tl4W_9LCxIVLIMb3WW4--JaSc57S9d5GqnoSkAyJCk6Ejk-_ze-4QTTFtbtzL7KOu2S6JOhVKit3KGPpX-VFZso6J4a3Kc8Ox8JsSr2VfhFjLEJYLr8OWm4t94xydxDrvkMpAQXviV8u1xqYpM51GE2v9WNqlei3jItdHbzektRRPfynBN1yEIerbeSZuwfbqmT5PXDdGcHd_obrCTg3R23EMA3FuG409QD-2DEnCywbakydAbTFzQu17WxT9SR3HHlb0Z97eUdGNz5DGKZzXv6qs_ul9oR6HSToQZbR6-DHa9xlYvllaGFILrBYe2B3U_4CREm1s_Y7LtI-UtwjgzDt-PT5vbsovxZFquB0bff0_hhpmMbvKqRFKxOVgKMhQIw8WPAR_ILeNru1LCJMC6LyHzpTQtIZWc1rPSJQY36Culw6io5J4hDfjT4QglCdkekNvL45CDCPQXTBmdT0xz9ZElEU-fUaUdYsN1GgT_9isvdVXtfZgaLXWhboJz_P8odS3yPFu1ZTlb72i_gRyVBgFHxpI4cWaqJGlWrSb18JmFmgEHe-Y2SdlMr0Vp6fz_RsmOBPGVsOz1KyK5HjtULDbvlJYB6-lfmNrNL2ueCKTAnqjgI8bWnrWcOwaAvtwtZWtbGpcH4wcH-kD50bhbc2VPL8EHqanOaWM_JvhbB4ZKveqNMok0c5ATobUyUyLpRIHDJoOtSGOiSumFUFAcHnz_XxtH5tgxnGmHbqNHgE_MhIfklOxJ6Is0XVUejoyS6iT0rcaZBty0-nvqXgM7IXYdhW1D_iLoSB-gvKiE4R2Kdnys7B_1ap5SFXifFjYW4aDNfqKUGDkvVZr72_7zuqAfoJZRAjeZtfYy6BoUETSFxIUl8AB1NWW2XQA3Th_xmbQbEc98JIvGZwxCN1NoDQkhNz7Il3RK3j2K_zhsKYvD3A9KSVdcOCjtLQL26M7JtLnQQB9zOOzCV4n2PPZ61WcqqfYPnpyNVRFXN9nj-sEo_mVN9Lpd0IFNT8PG95EHSrZ5BRKfuy0_b4egXbSoxFXoaLji-HGdEKw6Fv6ui8eeXsHyKqkqVoEyaNboLUrl9k4yt6ljrax2SAhbbgm9ljuxINalLQxzyuyFBvTJ0I1UHptuLh0p1cYWnpK6WkkUdvUAsPbMTAGL4rIa0NsMJI0WnOHeJ-vUPOMUxKMa1zw9Z8PwAbuYEUkbfNU6hDu-6CnKq9yP010HJMhGok6QQA9tUInPpilsrf1Py4t3mA8Xc9jQ5ikCOwytGOaiBDotG28jekrSbWrNxLp_eqGo6O442liVvJSohLLbYBKjvu4lsWpLcRoYEa4rv760zklzVdkpjU7pS-eMRqXGJmo0iz7TDC1G_xWUbz_YX3uQXPHpotRWiEsd5_yViUR77kkQmYT_hQ7_FUEmbtQnpDHKhvLQQP5Y5AD4gsBVu4nC5Mj3cAwBiZmDdcWpm_6Q9Dnm-b_nqBe9GBt2wC-GKLGJtwlPj5DjJ0H2Z1S1eFOxFoqYabI7Nz96j6Qqf6vLam6oKtjVt5CygFkOn2g_O1JoG08FpMI9EXOMb6CvTiFVaFab6napRbjxF0NqLHHM6pKtpVXO_6N8GGUMLkSWCdrDnJ5P-5ysTp-11lYRpBkKIEaNxL2WWgQK80TS5BHaTtrgs0bqU0xMwAZWX0tdr8E4HPmXt0Ib1537GyOdZoykEUy5SR2U_gsW5GD24u_Olt5hrXbqeWxqA7a5eEiWaC8nYdTraXVwNbr-ORwrze9V-Bl9sZ32-O76rRI_Lc8qnl9d5961U9a2tMgPjVELn8KjHNiKiLT96IplKbf6jN-nYZu2TJsCIqy_tuZLgkZNqlsSpB4zmSrY1JURq3HhTsiuuEIDxGibY6KcuzuT6IyrRDDFQcF5ZPVkDnmZXCADEAbMrxqt5Is_jAqk0x5aoupaOCPUrqfGEtQtrldYPeeVH7uAq4AhvyiWVTEOw5t8pMAxi5QUVOn9mv9jqqswKjrkOxkitZqUoRjiAZQ&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&rfl=1%2Chttps%253A%252F%252Ftinyurl.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 10:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Feb 2023 10:24:22 GMT
2390214290923348551
s0.2mdn.net/simgad/ Frame 956E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2390214290923348551
Requested by
Host: ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
576b53c9f3ec344a3928dd797e12bf85270618c9677a2ade64fe98026fa128db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 15:46:41 GMT
x-content-type-options
nosniff
age
13288
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15260
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 21:17:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Feb 2023 15:46:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 26F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYYkb6mrwEwAQ&v=APEucNX2xIZ4Ot4P85--JPC8x1HO1lwDWKCaKcfTyiTrybJk2c7LY0gA3nyHh1Lu814DG-qvnvNKapHaf-MdQ5mMHZdnLlUCaA
Protocol
HTTP/1.1
Server
23.216.84.240 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-84-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Feb 2022 19:28:09 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 18 Feb 2022 19:28:09 GMT
rum
dsum-sec.casalemedia.com/ Frame 26F8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yg-zSdbYZixVT.ynXBxe7AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYYkb6mrwEwAQ&v=APEucNX2xIZ4Ot4P85--JPC8x1HO1lwDWKCaKcfTyiTrybJk2c7LY0gA3nyHh1Lu814DG-qvnvNKapHaf-MdQ5mMHZdnLlUCaA
Protocol
HTTP/1.1
Server
23.216.84.240 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-84-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Feb 2022 19:28:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIecbRwSZgYPNnnL0TTAoQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 26F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAXKYCoLjEuldbgISwQ-mVU&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXKYCoLjEuldbgISwQ-mVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYYkb6mrwEwAQ&v=APEucNX2xIZ4Ot4P85--JPC8x1HO1lwDWKCaKcfTyiTrybJk2c7LY0gA3nyHh1Lu814DG-qvnvNKapHaf-MdQ5mMHZdnLlUCaA
Protocol
HTTP/1.1
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
4b8e1a48-e03b-4003-bfce-db11cd30a702
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXKYCoLjEuldbgISwQ-mVU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 26F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDcyMTk1MjU0OTY3NDQ1OQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDcyMTk1MjU0OTY3NDQ1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYYkb6mrwEwAQ&v=APEucNX2xIZ4Ot4P85--JPC8x1HO1lwDWKCaKcfTyiTrybJk2c7LY0gA3nyHh1Lu814DG-qvnvNKapHaf-MdQ5mMHZdnLlUCaA
Protocol
H2
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ba486b9f-673e-43fe-9e4f-e15925bb7288
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDcyMTk1MjU0OTY3NDQ1OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame BF42 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLiBuhiAwAAAwDWAAUBCMjmv5AGEPjj0LPVt_6YXhgAKjYJfSQlPQwt-D8Rhmghv4bp9D8ZAAAAgD0KEkAhhg0SACkRJAAxCRuw7z8ww_LOBTj0DkDlHkhlUKeiyyVY6KhLYABozZIOeOjmAoABAYoBA1VTRJIBAQb03gKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDIy2AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUN2Q1NldTdyWGJXbTF3b01Mb3dHOF9IMFNldkZ2RDREYXA5OXlhX095M3VZamdGSGJFRjZrWklqRjJ3alhZOFlya2prS3A3T2JtNXZ3YlFmQUtzcUJMOHdQTUZnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY3ODc0ODA3MDUwMTg2Mzg4NDAiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgD1rMv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAS7r9EdyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBcfY9_6w-YDePMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8IABAAGAAgADAAOLQEQADIB-jmAtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=fca5570db07f2217c4e5a273d3d75dd0d9b0cd77&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=1962093761280211422&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11778371&sw=1600&sh=1200&pw=1600&ph=1345&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:09 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
cba26f3d-dfd6-485b-8a4e-1c36fad2db6d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame FBC0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iiyhTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adfetch
googleads.g.doubleclick.net/pagead/ Frame 4ADB 		76 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ef0f2997c2aed02003c7634d8a5a26ac59bcd9df95fdb581517993ca35c689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30548
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 5831 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 18:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 18:42:25 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 5831 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
218260476562286327
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5831 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 5831 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7519
x-xss-protection
0
server
cafe
etag
5754846754200317394
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:39 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 5831 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51ae7be962c4fe707f7656c27e1c7f7c09ff1379e6f29eeec92e739c1839e799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 12:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14549
x-xss-protection
0
server
cafe
etag
3090272840062775852
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 12:13:23 GMT
4219073793260234323
tpc.googlesyndication.com/simgad/ Frame 5831 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4219073793260234323?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk2HtBSEJh0YPMntwv7G6bsoQT10Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e666155adc38b774e429caed499ae332417bf8de3a0818fc847b0fea0708ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:21:56 GMT
x-content-type-options
nosniff
age
270373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8445
x-xss-protection
0
last-modified
Thu, 13 May 2021 12:59:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 16:21:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5831 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8hp4SPMPYomkDvfpj-8P66Gt4AijjsGsaMikk5TkD5rCjuv3LhABIOaX1iVgfaAB8Zqg0AHIAQKoAwHIA8kEqgScAk_QeHWHJTP71wmSkGGr8UaKsTfEYUyd5TkQPZ6AP30uKViMFKzyniNU3U_pRUnkQmvwHry8vMANmfCNjVsfjKDk4kDCDyOM1wj-obHv9RHfpALRXG7ecVtsOdohESnVIhQkZcJskVVC5JusgEVQecIhMqAu7axnuqBc0-YBo4T68vgMeVewWRcBv3wVgkdFbMP5vUDAkx49159JfZhe4IzMkySDpLXqtuMZpNpsNf9CnNpIPc4K3xDrhlPt-J7FgkeUz79Yq9DnqcquuMBeBwP6Bls0daTELkn60swnfjrsz9Yn5YgUKB3BkAIpYh6zYNAwNG4yY2LuvgSwr9AUc-id1y8byYJEpowrNLOII9wSdZ9k8jK3uCbrR-53wATl0YTs6QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAdIIBwiAYRABGADyCA5iaWRkZXItMjgwMDA4M4AKBMgLAdgTDNAVAYAXAbIXCAoGCAASABgA&sigh=TRtP31Iqdhc&uach_m=[UACH]&pr=10:1.349905&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 18 Feb 2022 19:28:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame E7DC 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 18:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 18:42:25 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E7DC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
218260476562286327
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7DC 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E7DC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7519
x-xss-protection
0
server
cafe
etag
5754846754200317394
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:39 GMT
l
www.google.com/ads/measurement/ Frame E7DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa-zQ72B54eGihkQpGei7LwvUOrlpdvYLjE5LEduRVTB4crsQQlz_c7FB-TcAqXyFj0_IhQeL78N5SBp1Tdx7Di-pjJg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E7DC 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51ae7be962c4fe707f7656c27e1c7f7c09ff1379e6f29eeec92e739c1839e799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 12:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14549
x-xss-protection
0
server
cafe
etag
3090272840062775852
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 12:13:23 GMT
12554482338151540090
tpc.googlesyndication.com/simgad/ Frame E7DC 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12554482338151540090?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmL5zAr8ar3QjFDEx_uYTYUO2x90g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa5b8164621b020075486cf6d1c64bacb0b8fb85638ad0fd5ff85c77da0fcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 16:26:04 GMT
x-content-type-options
nosniff
age
529325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10475
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 17:05:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 Feb 2023 16:26:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E7DC 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWCPpSPMPYqOjDp7mo9kP0PilsAGjjsGsaLWmk96nD5rCjuv3LhABIOaX1iVgfaAB8Zqg0AHIAQKoAwHIA8kEqgSaAk_QxRhYBNVPW4QMHuS3NU1ahtcQHeN_lopONveg1BazzY84-tfGPe09yIib6ANQ5mwCYEnwTnLbLwoyMqFDnAF8Wml6KMIW-gCr3ScYX8aezedipBY1FuVL-roZYbUJMUmzDoFAZLrxFZ6R15DTCOQJlX6BuUzoRwgkNVDntxWr8CBJ3z3LnAOuhEeWLtDa_mN60Aa2c6aXNUJzmL3lqUI5ZCqLLoRPorws8TN65nDjvHJs7AJX_VFmX7vDyhasCOUoY9jStJunW-0Bad5e6bHRIVjN9B1vgHnSUkP0q_eJ1FfvK94SQTVu0ooeAq56k9qMnZRfOhpjszWtHGPKbBBGSb1XzW2SlB4L7GKqV_D1vg-vViioc1PXWsAE5dGE7OkDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_fk368CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHSCAcIgGEQARgA8ggOYmlkZGVyLTI4MDAwODOACgTICwHYEwzQFQGAFwGyFwgKBggAEgAYAA&sigh=TAdILjSa_PY&uach_m=[UACH]&pr=10:0.5916&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 18 Feb 2022 19:28:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 956E 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteLLnSpka-6TCSqpW6YzUWM9pq_6dINavNINb_U6OUPSGzsvU-h0FTjmyMyguzrGN2HaGxqR89G6V1aX-lpUDgjXCcjbGSvcSfDrNSrlKBJTc4krmIZDNVV4q9YTNzL1FARJccoOXHarazaZlZvS1bfubWylsstfMmo6dSJrc8j4omigOcJbdf7tijroH7ZiugrRu_a1fh5ngBSzt1_Fq3cZSA2uVC2kdMinD1NxLSO-Y5PZOs2OjtiJ8rSolFz9k7J3FiJfJGt1frAQYeNdxMxOB1QHxa_2YsNvLnhK7ZiT8OtUlhLf6pHX2b-VoJ_6hUd1iUSSEJcSy-EotRf0cZVCbfaN-hIzLt7lQs1Vj0CKaocZUY7A_cFAzA4X0CKlKvNJTrKyLGlXmPFVjxbuUs90UmzU_hRFT2UTiURQVy5P2e4rFynsbVLRdD5qXk2uuK9Ceq3BIdZPzWRpAIV_CRd83yTl9nNgxB2ST5vrLCUmnYB7Lr6vW4OJ2Mee20kwcEvViNYr9XCGdjNL-lIu8DxVQMa93bSCyuS9uBnpn8CFPGNlYpcUZQKi1qZ8PjIEmzpHKjTVYnlIQvl-PXv_FCclGf_Ggc16oO4DzMRs5kviM4a9KTRRIQPRbk3bUe3F3hhd1j0vJY3rMtxxLvPfAql475hi9xIVwnzO1Mckysj-4ijoo1nAw8vEe2af3fFrIV9nxUuexeFW9jOvCVcZtJXHAptesHESGvLFZdRgr2kXzXimRuK0l7csI9WjTuSYOXEQILZGAW8g2PKmS-0n7-F3oqcQ9wxzN2g5J5QlfxGvjdVFGZkh9NuyGAhSVtvXO2e0KOoEPaPkewt3Wa8HEhfRYRDg3C1R8cixr_JOBYrPnbIh6TH9SfJ0ig1r6MdwHgYUTS6Bw_pmlBVrRCXhRtZq4fy_7FIJBm85Be-CvRXKCbN5xC5wZCwpxvQZl6o5USadqCk7pHeurao5InuNteqFyMFQ8ogg6v5sLDbpwfODKu_layBBgPJOetmvYupIBKU5tF7vOmj3qO8glyjYYdDEXIJIai9yrlZkbY19aygHeJYRzL0e7X8BNnRA22aGrQuoZZoKHcW72L6g-VjRrY8i_AAzC2s03gfSlFRJaEdayTLCt8iDxkxZ4T-1erlLWg3pj3fAzro0oqzEsk4lcs5g&sai=AMfl-YS0BW-ZixSs87VLhFt8qcvWFZn3zGb84qEkiPfRRLMhA6fFSJURi30RHxOaGPtreSG2XElMpyzw-b_Yofdu9WxiqQHbib09h6adSfG28Dibq2KHIp3cLDheMAoAi8L_nVqlykR3s4485M9byEvl6Mg-3Z23YEOJp6AKgkg&sig=Cg0ArKJSzPjnlOG-sMC5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&vt=11&dtpt=118&dett=2&cstd=0&cisv=r20220216.53485&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwQSoli3LrueG7ow29Uk7gSyRgP1GIO8gfLvYlMYfCOku3sYPAGnz67y5qTO8gEBcNUdtXKcfKMv0rOkOR-ceGF6AtpZnH0I-b7Mo1onCQl_QuwDavrITheJRhF8E-LdvrsUVR909_LajqqgxnX4JRJv5bQ&dbm_d=AKAmf-B7NXjadsN1A7uiEmRfWaT9yLWwDGhdFH_PXn2_O12JiRsWos56aLun1xNXKMNMVrHamLiO2OZKTscoCIfuhY9opU7_1z-Cb7l-MP_F3y_bcsjrrXSPq_2uSt15U0cfPsLT9Q5ceyNlAT-rbeGbhIJ5TNxHTtSwInsDnsWvKd8GCkfSVN9HBHpWjBma3MT-hGlqF5OPezSK6DeMOYCLh5lh5so6Wqm8EqbeIPon7pa_p600Gp2EuCGyiyVs2pgdL21td0O2cSZZZjRN_MBktJY3QKaedGtKP9gK-2OoJHL4NoMhOx-1eY2fbpfGHzdXFTqFXmhFM9n7lt3XO9lg0jsYDvCIfehNTw5AaLIPVc092cedZeXJ4RnSoaJqGttSZxL1t6jMxqib3n_3vNNE1u8TkGwCoGybBZ4NLCTbDSAFq-9f4wTUiO-SKEFG5Xp0S1ZnqUsPNB288BpEUmsiO1a1fMgbgloJvLVyZshELwN-3bDdFRqNQRGUOzHEpds51VHsOAQcJkv0oZWWBUuVDmju-eAKO-tg3KbhjFq49tNThZ5o5thR7_aqGFO6ApN51nL5RPTR4PKXt1nIsv8e_pqt-9u6b8fdLEQNq6Tx0HJInD0iLGTv-4TWY-ZmN90v6DqMAHzuRkK4r4gP3i7N2vIQuIqPEeVUDWS69DYlXG8QFgybmkypEHAzvfmBCcTmJIsh4q5zNR9lir5G7TVtPyC6cEKADA5SlpglHpxkPa2I2c1pSGEmNITNi7EQUL2cKkKtnKKRqiVbueGf_4QFDZasZmaTHqIKBrUdEJ0dvGfPyZelJh8k4d4chzICqItNLruiMDtGghAX4g2zFBaAoSK3r8GSLQM-PyDoAxqS47EMFxq7_42tUWD7Btc6bTEwtDTCt3wrdz_3mEjIiJZOLsKp23MngaCrPmai25tkNxe3aCME8tch5lUn8aEYJY0Iy2Q96HmhtyVt-fThVROBp8wPcAWLw6KtcP9AY2qpGBmjC6zkcfuVABXsLREkOiyYjQ925rzsnu8XENIhXGj-L-5Lk-T_OuhRpBteOQ5Q1ds70BSMOxn-9tiqkG8uTpWZDn-yh8WLczjCSHKYLGvSyCq79qDgSZgF89TeXJBxseLKPeJWFpPvdbn7HrfqH_eCmK_nysj6jNQ3l_W0cYS0p6BwdYE8XpWme63RUPplxMLWOOFLoAeCJMHvuUO-WIW6ljsJvr45RFHOjSCFzCOTDGg7o3Vf27JQiFq6GQYQsvNyum4oRXLev3iZ_tl4W_9LCxIVLIMb3WW4--JaSc57S9d5GqnoSkAyJCk6Ejk-_ze-4QTTFtbtzL7KOu2S6JOhVKit3KGPpX-VFZso6J4a3Kc8Ox8JsSr2VfhFjLEJYLr8OWm4t94xydxDrvkMpAQXviV8u1xqYpM51GE2v9WNqlei3jItdHbzektRRPfynBN1yEIerbeSZuwfbqmT5PXDdGcHd_obrCTg3R23EMA3FuG409QD-2DEnCywbakydAbTFzQu17WxT9SR3HHlb0Z97eUdGNz5DGKZzXv6qs_ul9oR6HSToQZbR6-DHa9xlYvllaGFILrBYe2B3U_4CREm1s_Y7LtI-UtwjgzDt-PT5vbsovxZFquB0bff0_hhpmMbvKqRFKxOVgKMhQIw8WPAR_ILeNru1LCJMC6LyHzpTQtIZWc1rPSJQY36Culw6io5J4hDfjT4QglCdkekNvL45CDCPQXTBmdT0xz9ZElEU-fUaUdYsN1GgT_9isvdVXtfZgaLXWhboJz_P8odS3yPFu1ZTlb72i_gRyVBgFHxpI4cWaqJGlWrSb18JmFmgEHe-Y2SdlMr0Vp6fz_RsmOBPGVsOz1KyK5HjtULDbvlJYB6-lfmNrNL2ueCKTAnqjgI8bWnrWcOwaAvtwtZWtbGpcH4wcH-kD50bhbc2VPL8EHqanOaWM_JvhbB4ZKveqNMok0c5ATobUyUyLpRIHDJoOtSGOiSumFUFAcHnz_XxtH5tgxnGmHbqNHgE_MhIfklOxJ6Is0XVUejoyS6iT0rcaZBty0-nvqXgM7IXYdhW1D_iLoSB-gvKiE4R2Kdnys7B_1ap5SFXifFjYW4aDNfqKUGDkvVZr72_7zuqAfoJZRAjeZtfYy6BoUETSFxIUl8AB1NWW2XQA3Th_xmbQbEc98JIvGZwxCN1NoDQkhNz7Il3RK3j2K_zhsKYvD3A9KSVdcOCjtLQL26M7JtLnQQB9zOOzCV4n2PPZ61WcqqfYPnpyNVRFXN9nj-sEo_mVN9Lpd0IFNT8PG95EHSrZ5BRKfuy0_b4egXbSoxFXoaLji-HGdEKw6Fv6ui8eeXsHyKqkqVoEyaNboLUrl9k4yt6ljrax2SAhbbgm9ljuxINalLQxzyuyFBvTJ0I1UHptuLh0p1cYWnpK6WkkUdvUAsPbMTAGL4rIa0NsMJI0WnOHeJ-vUPOMUxKMa1zw9Z8PwAbuYEUkbfNU6hDu-6CnKq9yP010HJMhGok6QQA9tUInPpilsrf1Py4t3mA8Xc9jQ5ikCOwytGOaiBDotG28jekrSbWrNxLp_eqGo6O442liVvJSohLLbYBKjvu4lsWpLcRoYEa4rv760zklzVdkpjU7pS-eMRqXGJmo0iz7TDC1G_xWUbz_YX3uQXPHpotRWiEsd5_yViUR77kkQmYT_hQ7_FUEmbtQnpDHKhvLQQP5Y5AD4gsBVu4nC5Mj3cAwBiZmDdcWpm_6Q9Dnm-b_nqBe9GBt2wC-GKLGJtwlPj5DjJ0H2Z1S1eFOxFoqYabI7Nz96j6Qqf6vLam6oKtjVt5CygFkOn2g_O1JoG08FpMI9EXOMb6CvTiFVaFab6napRbjxF0NqLHHM6pKtpVXO_6N8GGUMLkSWCdrDnJ5P-5ysTp-11lYRpBkKIEaNxL2WWgQK80TS5BHaTtrgs0bqU0xMwAZWX0tdr8E4HPmXt0Ib1537GyOdZoykEUy5SR2U_gsW5GD24u_Olt5hrXbqeWxqA7a5eEiWaC8nYdTraXVwNbr-ORwrze9V-Bl9sZ32-O76rRI_Lc8qnl9d5961U9a2tMgPjVELn8KjHNiKiLT96IplKbf6jN-nYZu2TJsCIqy_tuZLgkZNqlsSpB4zmSrY1JURq3HhTsiuuEIDxGibY6KcuzuT6IyrRDDFQcF5ZPVkDnmZXCADEAbMrxqt5Is_jAqk0x5aoupaOCPUrqfGEtQtrldYPeeVH7uAq4AhvyiWVTEOw5t8pMAxi5QUVOn9mv9jqqswKjrkOxkitZqUoRjiAZQ&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&rfl=1%2Chttps%253A%252F%252Ftinyurl.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 956E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5d66314b1bdcad68982a7e5bc364d36e228df70e739074d6aea58fb4b59e1eb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B9C8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Feb 2022 10:24:21 GMT
expires
Sat, 18 Feb 2023 10:24:21 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
32628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame FAE4 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 18 Feb 2022 18:47:00 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2B3E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 18 Feb 2022 18:47:00 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021602&jk=2120409136008640&bg=!MDOlM3fNAAbf-5Dq3_s7ACkAdvg8WowuDvShvmLLLjZEDvdnD72JWwZqHpTijcbvZB5505Z-Ds9SCwIAAAIiUgAAAAJoAQcKALUMXyoITiEG8MOH9AxSAXyJnhBsBcBqZ7oedy0B6bTXrGzKfHy_2-tNZjTRMyXfmUNo3jmoYZ6MkCF07CUEgq0xFk7oVdFdsS5u-zQy03KaBugFMBX35zcubaV_TaxgogiXfqqthvqdfPII5ttUAaYpOVFCtikkyLgViehZPK5jhWieMQRaO7bBSJOTGo0yIU2TiAPL0jlpocgzjHCXgft8Pl6F4UkODk9lSdX4u2OrEUK5DG1NmQKyyJ9ojug5IQIKfno0Ky1no-UkJy-bGDTyt2ZHXgSR-VEn0AKCfQYUBYM0RmTq0Gqj9caGWZLlKg3qmtp2KtkBJZWVryfwO5GYqTzTdCrI13DbytqEvpzauj4kWrLcsT6Aa4q1uk8bF9xtjUSPGIOwpKfpX8fhGtevTHR9rQSejOpYf-n5RVAtbyaFxsbFizk_OSGj3_wBvh4jfWBzezKnhaoh6VagBI_PjVB39mPbsfPTaBENfO55zg-g9ImW0VERc8XHJNhQsEvAxw1rIqjNWXa_iOdAMarUd6AW_2cAYuBMbK25lQpFLqurpv1_iZUKk0LIuNvkxC33Q9k-kFnlSdIkAmwdOb3Z6ODVsJYxIfHRnjM8e9hvi_zAeAPXj6Oi8yqKWSHk3Qg9uR0tmCUOlwh1UzEQ9hmb-90mSl4NsVXn211lpE7hQGceP2UNZ35_AL-HpyqJEuYbS-j028I58wHWTJZ7YfY2EUPCoZbPokwJI_XMXhJ5Mhra3j17sP4kWoccsgQVlunCbXpqjdpCKE99lIGWo4kuFsVcCUYfG-78LeMOrbc_btSbd1KeDg1KORQ-orkPKI3rLRYx4YHZiR-EV380k2REerGmK6pd5jqz6PXeUxy1rLh86muleBVbDXZ2sH_pO8Qaj3BAFid6tG9zxLcFeHSZIN0bmpvH2yYYs3ZP0e-6_DH-AHUIio8qKTS2xvOpjKaw6gqfiQ4r4j1tHfcyiL7tly9vR8y_gCNi9K-Ruo_UUF770dmehEQ-tXutWqtZE-l4xWpff2MPyakyrzmhxdDvSyhpceVR8LubQ0o-lXyUWfTF1X7yfyF301IwNI9-PmrzpcwomITcuQ2zq2su0rjF6-6NYaMqXxXPn3cOrvqsPMd37N2gP7I73WadSDIH_tJLaQ9t55eoWphJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4219073793260234323
tpc.googlesyndication.com/simgad/ Frame 4ADB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4219073793260234323?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk2HtBSEJh0YPMntwv7G6bsoQT10Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e666155adc38b774e429caed499ae332417bf8de3a0818fc847b0fea0708ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:21:56 GMT
x-content-type-options
nosniff
age
270373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8445
x-xss-protection
0
last-modified
Thu, 13 May 2021 12:59:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 16:21:56 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 4ADB 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 18:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 18:42:25 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4ADB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
218260476562286327
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4ADB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 19:28:09 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4ADB 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7519
x-xss-protection
0
server
cafe
etag
5754846754200317394
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:25:39 GMT
l
www.google.com/ads/measurement/ Frame 4ADB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRgTGjuWAzniWtwlkD5TQU4FvHwjNmuTqmG0BuCR_zRKutfmnDEFsJn3f7RNZSqjZE6c0tCShCpvkkXEUQscTkXe70Hw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4ADB 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51ae7be962c4fe707f7656c27e1c7f7c09ff1379e6f29eeec92e739c1839e799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 12:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14549
x-xss-protection
0
server
cafe
etag
3090272840062775852
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 12:13:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4ADB 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTVs6SPMPYuOeDrnzo9kPyZepuAmjjsGsaMikk5TkD5rCjuv3LhABIOaX1iVgfaAB8Zqg0AHIAQKoAwHIA8kEqgSeAk_QHSF3ld1MLGpf8ft-rP3kUzIEYLuEX-r0OXc_eilQc2sQPM1epPX5jxruxmb4pN5MXx0VMI4rySTP3PHMA0ifz3SL8TAI7jdS_Ygz1ovWp2L385hx-OU_W3LRRRIN6Ph6ikC9MTjdP3mwCB_wSI14_aFF0-oxrFnXDaPU3GIRU7r0R5x6UPxz_OZPCq4TwInIEOciL2Z1nkcouzCsVwpT96ctGrsEDjHUdVw3zLRebqAIWjnyzlur_mpAm2YrpXxpDkn0bu0zGEExqW14-GDsz7xpmOXVXWaWLFsiYp8WSmz_7cBIL0zX7VFbfaS_9jF5WTmMOPCQ29LKLAr5xetz3UhEYn-Fr_dc4m7-N71tZHKXRboGUHAiFpha3kLABOXRhOzpA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggHCIBhEAEYAPIIDmJpZGRlci0yODAwMDgzgAoEyAsB2BMM0BUBgBcBshcICgYIABIAGAA&sigh=kSAS4lRxC0I&uach_m=[UACH]&pr=10:1.510998&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 18 Feb 2022 19:28:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 5831 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3a9533d8eee34c98243261e41bd747e88e60a357618e589d46ef95f359b372a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E7DC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b671142b958b8d34d2dab62946a4cc305b840926d5ead88c91c2529489807670

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame CE36 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 18 Feb 2022 18:47:00 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4ADB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2b893776ec1ee4cac0069638d2abbb5ffdd4a016347b18476145b9c50c95fba

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame B9C8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 07:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:34:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FAE4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Feb 2022 19:28:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2B3E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Feb 2022 19:28:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame ADE8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 07:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:34:28 GMT
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame 9E3E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 07:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:34:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CE36
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Feb 2022 19:28:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Feb 2022 19:28:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame 4AA0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 07:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:34:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9C8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BopH0SfMPYsnXBLqToPMP4ZmgWAAAAAA4AeAEAg&bg=!ODulO3_NAAbf-5Dq3_s7ACkAdvg8Wgrl3U6QBVHqZdc3yDKwy-D6yBXae-nGVlmS45r24wPrPkQLKwIAAAFTUgAAAAJoAQeZAvj2P4VKmaLX6yluOWs63yMxEdmiJ8Zd4mIsAJMf67vifdf5vdTY_4_pnwcMEcuxxqk3XmBqeMk5Bdob7uKFZuQdGG6uAk65LXULAIrsJiRROaZ50sP5UV1PMS6LH0fYzhf-GMPR_XqOxI1GEeIxBJZd7AiqhlD-NMskGtt68ecW8HeoRSSzQZUcCHqwwmKjy5xoeMA1-oX9qdl7OIYnBJB0Knh0x4g9GMwUaaXOxJG1iZekKGL2m129QfEI0INJg9jMce3Oyn1BGbdhGP_V1ZBlrAQL7puEv5qyNqhFFZ6uJyg6hU8kXVa3JplLHQ4--N24M1rpiO9He5mNkiIYuu-aWp0ofbtfRFr42NrNEc3g78-nVqifWUt0Dy568F2swpyDeGrLUS_PWfdH6lxbZhk8omZBUrzm7krgk2yHNxE3C6PU4GdqM8Ig9NDiVbkpjSJs-UnRq-UgW-Z_C6uc7nkhzB-Hyw-U8Y_d9uvAKKCb61-0gp0-KG3ODRqWt5wNzRQPdSz9lVQHpuO6-j6hJfFs9VEMuZlrI2oxuqMW5A3ZITJJiqid3bpBZAydacggGmb03NTxzWl2PZml-BLxfnT9BgrfWdUtErweV_olGjHxVZIcXzwizV8C6FTSVeOgQkVusFutXq-riuk2EYC2aFpy4W-p1_HPMHsrBVKq_whOLcaTb8DTm0woJ_J6isLqE5WzZngXuYtQofobQjI_yPHysuRwTeC16DmoJUDD9RoJFLZYt1E5ykbW9i9N7ktVdVm4lyiN0lhjWi18WGlK0ONSiOJvD_OYTafnTqspCR_oeg9J_YwDDX90W-frfkSMxKuWta9uAut7ZiHpQSJpCAgl0puP6bTqQ6fRhhS6GcAw909orY3r2cDG3Op2Epk8FNnJwKCkiwvH5LLVqzsIK_AT9Hm9RK7JXx-BsmDWFj9cm8Jwuqv5XnLi9B-uHkDQXauPkgLb5MGTaF-WkGi7BndDE78hXZnlSSBi1T7dvKZ8VlLGPgH-wMpt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 943A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_rRWkdby5it4stf67coqiXOUHya--oVmWMrP5Zep0vt7IcxKKlFmFxYC2J6sQzkp45shjb3F02yvr3Q-UyrHvfRPGunrmlaWIR-c3pia7WlYlGxwR&sig=Cg0ArKJSzAaMr40LXNsqEAE&id=lidar2&mcvt=1000&p=123,523,213,1251&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=236599969&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488863&rpt=250&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D54B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTVc_1astm6xM4m7dn-2jE9EylpC3v19mApsd4at_cUnXKz58IG7axdBm8ZzHSr2bgusGy2pQeJqmkACCTkUsAc-0r8xQdDNaXJcPKP-1_AurIUDha&sig=Cg0ArKJSzP1Sj3pd9_W-EAE&id=lidar2&mcvt=1002&p=243,1280,493,1580&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1415490781&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488900&rpt=251&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 943A 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLiBuhiAwAAAwDWAAUBCMjmv5AGEKiEqaiB3pe6YxgAKjYJYU87_DWZ9T8RlXYPdcSu8j8ZAAAAgD0KEkAhlQ0SACkRJAAxCRuw7z8ww_LOBTj0DkDlHkhlUKeiyyVY6ahLYABozZIOeOjmAoABAYoBA1VTRJIBAQb03gKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDIy2AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLURPeTlvak1VM09LRVpZV2JvMlYyck9iZlNTMURvY1RXXzB6YnU3aWNVMmtJNjhMRjQ2RTlMNkZxdk5YM3hGSWlYVXFUZ3dIMklIUWFIR0gtY2lEOUtQUGNVX1dBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzcxNjY0NTcyOTIyOTE0NTc1NzYiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgD1rMv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAS7r9EdyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBduwoqiUluDKH8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8IABAAGAAgADAAOLQEQADIB-jmAtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=963957afbeadf138f61cffe74efc15658bcdd78f&type=pv&jm=1003|1030&px=523&py=123&bw=728&bh=90&sf=1&sid=1962093761280211422&vd=ct~0|rr~5&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11778371&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:10 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c143bf7f-ce68-4216-a473-3477186f8ca5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BF42 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsJ8DDEghrjI1PHBgXu9xYZv5PBfd_o_AP5sasF0M04ercRA-n4tZR-3ZIpShG4R1zTOstrBVzBY2EEs-oSbsa3tWRtAaLwmgD1aV11PJg4sPr-cl8&sig=Cg0ArKJSzIKTsG0jxvymEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3563311070&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488956&rpt=242&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:10 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
vevent
nym1-ib.adnxs.com/ Frame D54B 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLjBuhjAwAAAwDWAAUBCMjmv5AGEM3n59S65vu-CxgAKjYJAwmKH2Pu4j8RWwpI-x9g4D8ZAAAAgOvRIkAhWw0SACkRJMgxAAAAoHA9-j8wwPLOBTj0DkDlHkhlUKGf6SRY6ahLYABozZIOeOjmAoABAYoBA1VTRJIFBvRuApgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDE52AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-kBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLURLV0l4VXFkYnBFazVWM1BqX3BrdmhRekthY2p3UmtTVnUzY19uMW1RdDBJOURYQldFTmoteUp0YjBJbkJmcW9IRHFBM3I1SWpBS2ZLb0ZOZlJOb1dnVnAzRlVnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjgyODA4MDkxMTY5MDYyNTk5NyIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2APWsy_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAShr9EdyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBevb1pL2gpChDcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAATgNAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8BWEwYACAAMAA4tARAAMgH6OYC0gcNCQ1GBUcI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=5bbde2cc40dd86521007ea8442b777b2cab14f1b&type=pv&jm=1003|1030&px=1280&py=243&bw=300&bh=250&sf=1&sid=1962093761280211422&vd=ct~0|rr~5&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11778368&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:10 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
108f8f9b-e6b1-44d1-8576-4878ea9791f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame BF42 		0
823 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftinyurl.com%2Fmrczpmvu__%3B%21%21Iww4%212yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh%24&e=wqT_3QLiBuhiAwAAAwDWAAUBCMjmv5AGEPjj0LPVt_6YXhgAKjYJfSQlPQwt-D8Rhmghv4bp9D8ZAAAAgD0KEkAhhg0SACkRJAAxCRuw7z8ww_LOBTj0DkDlHkhlUKeiyyVY6KhLYABozZIOeOjmAoABAYoBA1VTRJIBAQb03gKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEMZG0tcGwtMTY3NDIy2AL1P-AC-6k86gJraHR0cHM6Ly90aW55dXJsLmNvbS9tcmN6cG12dV9fOyEhSXd3NCEyeUYxRk1pV0FjbGlyWXVPZm5KdDNBMThEaUFkSGpNdXpMMlVsLWNINGVBUDBXYWdOMU40WEUxSlRIcUZWbjdfUERuaCSAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUN2Q1NldTdyWGJXbTF3b01Mb3dHOF9IMFNldkZ2RDREYXA5OXlhX095M3VZamdGSGJFRjZrWklqRjJ3alhZOFlya2prS3A3T2JtNXZ3YlFmQUtzcUJMOHdQTUZnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY3ODc0ODA3MDUwMTg2Mzg4NDAiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgD1rMv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAS7r9EdyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBcfY9_6w-YDePMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdr8QvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE0OTE1MDY0MDW6Bw8IABAAGAAgADAAOLQEQADIB-jmAtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=fca5570db07f2217c4e5a273d3d75dd0d9b0cd77&type=pv&jm=1003|1030&px=436&py=1110&bw=728&bh=90&sf=1&sid=1962093761280211422&vd=ct~0|rr~5&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11778371&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:10 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e2d1a128-733c-4437-8335-5b0b75e8438b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tinyurl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 956E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstACoGXL_JZVdvEwHr3Ve13HnOa12XS7b2g7Af1yXpQ4plTsvlZyjog5kMJ6kAlNzwNakijKCAHbjDVp694GIupdrny9mPS5WOIeQ&sai=AMfl-YRp21xU_o3be2rflQ4pUsTblhInHL6EPVKOSSok6lcwDWWhpi3t0KYY3_Z3hIyreCMR8D00xyW99liQVyeSgf9XLM_gVP9Uo43acyBnHjC0ffrUS3zyAEx7fO_BPDUu&sig=Cg0ArKJSzBwZmc_2F8CCEAE&cid=CAASFeRoUsmx9yYXIauho_iA1s5E9XWfPQ&id=lidar2&mcvt=1000&p=357,8,957,168&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3373584571&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488860&rpt=519&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5831 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIQze37gb9arYXIgu1khmxX2fPS264MKNQq6i08DO_15_CUm5Ry3lpgcLq1zcAzsETaW3WmNErKMFEh0J1M5ty-n0gTjk7SlVL3_NUEQS5GJYlxMs&sig=Cg0ArKJSzI9KB6Bq-eiFEAE&cid=CAASFeRo8IY_n33Sx4qX_Zei8vuB27pmQg&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=21353988&exk=873126822&rs=5&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488896&rpt=544&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:10 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame E7DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuM7tliLQLl7tya-Eil3pYjISL4HLrmWwTZ06rkOi-4ybMV7hC25Vmjh1NbGD6EbyE1iSm6O31HFDowNlnCi2vdOu36GGEIQcVy8AULh7t9uQBXul0&sig=Cg0ArKJSzB7ggdQEczApEAE&cid=CAASFeRouvUiRBdZ7MhkSnDayhM19EnpGg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1509722920&exk=33874109&rs=5&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488916&rpt=545&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4ADB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshdrLMQ4FDt2TyryB7YgRJUBYJpjW8758i5drJKnXtANA8aG1ugoejSE0EE6VsxXtFKbSYH5Rv3ETTBa1tc2QPOwtTYIazVEY3wlawj0cx3GPqBao&sig=Cg0ArKJSzHR2S0RUG2GJEAE&cid=CAASFeRo9wraFAmQyI_8RBHur8v69uI1vA&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=21353988&exk=1844707429&rs=5&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645212488975&rpt=554&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinyurl.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/tinyurl.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-233-191.compute-1.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://tinyurl.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 19:28:10 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
/
de.tynt.com/deb/ Frame 6DF2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4c0cfa2339d5dfbc45d7d822793dace984c9c3486e6ddc18705cd3cb0c894349

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1333
date
Fri, 18 Feb 2022 19:28:11 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Fri, 18 Feb 2022 19:28:11 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usync.html
eus.rubiconproject.com/ Frame D936 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-247-148.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Feb 2022 19:28:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame F77E 		116 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
content-type
text/html
cf-ray
6df9a837cb2953e3-YYZ
age
26396
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 c70a767a1186502261b821449623037a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
OJSlGRMZemclq3KYEYsn4_bL_YCbThI_I8VF7tDQX9NhVE0dy_0oGw==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
/
de.tynt.com/deb/ Frame 00C5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e9eef8b3433f08b26118ce08d836337cf1db7a4e48b1183517d51caa17039f71

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1333
date
Fri, 18 Feb 2022 19:28:11 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Fri, 18 Feb 2022 19:28:11 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
sync
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
76b9c411625467a424af978484aca8d01c34e33793d0995c14da20a8c087af8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
content-type
text/html; charset=utf-8
content-length
461
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 18 Feb 2022 19:28:11 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame B65C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Feb 2022 19:28:11 GMT
Age
55485
X-Served-By
cache-lga21970-LGA, cache-yul12828-YUL
X-Cache
HIT, HIT
X-Cache-Hits
234696, 216803
X-Timer
S1645212492.505112,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1B01 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: tinyurl.com
URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Feb 2022 19:28:11 GMT
Age
24933828
X-Served-By
cache-lga21960-LGA, cache-yul12832-YUL
X-Cache
HIT, HIT
X-Cache-Hits
263, 40802
X-Timer
S1645212492.504882,VS0,VE0
Vary
Accept-Encoding
bswt
c.deployads.com/cs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sortable
  • https://x.bidswitch.net/ul_cb/sync?ssp=sortable
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=sortable
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=eEVHIluHThxsXVdVZQYL5pU4mb0&user_group=1&ssp=sortable
  • https://c.deployads.com/cs/bswt?b=60e45fac-182d-4332-b0c1-f2271f9e3456&i=
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/bswt?b=60e45fac-182d-4332-b0c1-f2271f9e3456&i=
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//c.deployads.com/cs/bswt?b=60e45fac-182d-4332-b0c1-f2271f9e3456&i=
Date
Fri, 18 Feb 2022 19:28:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8835620f-f34c-4400-a069-18b4d3d11fc1
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8835620f-f34c-4400-a069-18b4d3d11fc1
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-25
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Feb 2022 19:28:12 GMT
Server
MT3 4133 baa842e master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8835620f-f34c-4400-a069-18b4d3d11fc1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Feb 2022 19:28:11 GMT
ADBE
c.deployads.com/cs/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1508?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FADBE%3Fb%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/1508?redir=https%3A%2F%2Fc.deployads.com%2Fcs%2FADBE%3Fb%3D%24%7BTM_USER_ID%7D&_test=Yg-zSwAHNUMN8QBB
  • https://c.deployads.com/cs/ADBE?b=Yg-zSwAHNUMN8QBB&_test=Yg-zSwAHNUMN8QBB
43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/ADBE?b=Yg-zSwAHNUMN8QBB&_test=Yg-zSwAHNUMN8QBB
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645212492.577731,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://c.deployads.com/cs/ADBE?b=Yg-zSwAHNUMN8QBB&_test=Yg-zSwAHNUMN8QBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=a19e455b-960d-4166-a6a3-8887ea03ef60&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U0V2SXByLXRUY3U0VTV4dUF0R0g0QQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEM7K4g8gAVv3AevxCtDxsXM&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tDbKIUdS4Hpk
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tDbKIUdS4Hpk
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-25
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tDbKIUdS4Hpk
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-56659f45bd-zcwct
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456&google_hm=NjBlNDVmYWMtMTgyZC00MzMyLWIwYzEtZjIyNzFmOWUzNDU2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKD3Dvs9HYhAoc0VrT8EYm4&google_cver=1&ssp=sonobi&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60e45fac-182d-4332-b0c1-f2271f9e3456
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60e45fac-182d-4332-b0c1-f2271f9e3456
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-58
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60e45fac-182d-4332-b0c1-f2271f9e3456
Date
Fri, 18 Feb 2022 19:28:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cent
c.deployads.com/cs/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D00efda57-3a70...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D00efda5...
  • https://c.deployads.com/cs/cent?b=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&gdpr=0&gdpr_consent=
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/cent?b=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://c.deployads.com/cs/cent?b=00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-4341&gdpr=0&gdpr_consent=
date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777311224324447
49 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777311224324447
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-58
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777311224324447
Date
Fri, 18 Feb 2022 19:28:11 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
TTD
c.deployads.com/cs/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=ge1y7yp&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=ge1y7yp&ttd_tpi=1
  • https://c.deployads.com/cs/TTD?b=0bf79414-7880-4cb1-93df-0406355863c9
43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/TTD?b=0bf79414-7880-4cb1-93df-0406355863c9
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://c.deployads.com/cs/TTD?b=0bf79414-7880-4cb1-93df-0406355863c9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
169
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fb9580c293&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0bf79414-7880-4cb1-93df-0406355863c9&pubid=fb9580c293
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=a19e455b-960d-4166-a6a3-8887ea03ef60
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=a19e455b-960d-4166-a6a3-8887ea03ef60
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d1a02403-6be1-4453-a777-88e1dae30259%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0bf79414-7880-4cb1-93df-0406355863c9&ttd_puid=d1a02403-6be1-4453-a777-88e1dae30259%2C
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0bf79414-7880-4cb1-93df-0406355863c9&ttd_puid=d1a02403-6be1-4453-a777-88e1dae30259%2C
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0bf79414-7880-4cb1-93df-0406355863c9&ttd_puid=d1a02403-6be1-4453-a777-88e1dae30259%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
XNDR
c.deployads.com/cs/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c.deployads.com/cs/XNDR?b=$UID
  • https://c.deployads.com/cs/XNDR?b=5770721952549674459
43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/XNDR?b=5770721952549674459
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tinyurl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 554.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bfde3d3f-9ec6-47bc-bfbc-227f691d4e77
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://c.deployads.com/cs/XNDR?b=5770721952549674459
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame F77E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
60735
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6df9a8384c6d53e3-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Sun, 20 Feb 2022 19:28:11 GMT
async_usersync
ib.adnxs.com/ Frame B65C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6b669877-b492-49d6-a012-47c14bffc870
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame 1B01 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.207 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 554.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
45f4181b-4f06-4855-9fc6-7bd574726038
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D936 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-247-148.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f98be953ab95e15cd0e765f6e31a5ca84e6fe4b0a52f9e462e2e559da2e79a2c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15611
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9758
Expires
Fri, 18 Feb 2022 23:48:22 GMT
xuid
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0bf79414-7880-4cb1-93df-0406355863c9&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0bf79414-7880-4cb1-93df-0406355863c9&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=0bf79414-7880-4cb1-93df-0406355863c9&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=k6B4LnqfM&dongle=u6nf
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=k6B4LnqfM&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=k6B4LnqfM&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=k6B4LnqfM&dongle=u6nf
date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOgpXAKm3-Dc0Ukic8Zl3w0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOgpXAKm3-Dc0Ukic8Zl3w0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOgpXAKm3-Dc0Ukic8Zl3w0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3314
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxODExODcyODkwNDI4ODIzNjcyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxODExODcyODkwNDI4ODIzNjcyNA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxODExODcyODkwNDI4ODIzNjcyNA%3D%3D
date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 3314
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1018118728904288236724&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1018118728904288236724&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7286ae5c-9483-4917-a7d3-70d9eee48614&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7286ae5c-9483-4917-a7d3-70d9eee48614&_noobservation=1&_expected_cookie=341f16a...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7286ae5c-9483-4917-a7d3-70d9eee48614&_noobservation=1&_expected_cookie=341f16a00debda7a147a5e669cd4f162
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6df9a83abe3b541f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7286ae5c-9483-4917-a7d3-70d9eee48614&_noobservation=1&_expected_cookie=341f16a00debda7a147a5e669cd4f162
date
Fri, 18 Feb 2022 19:28:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6df9a83a5d3b541f-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1018118728904288236724?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YG8a_nNE2oTmP8nAQLRITdP2q1otMGLKCPlu41Ddrg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YG8a_nNE2oTmP8nAQLRITdP2q1otMGLKCPlu41Ddrg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YG8a_nNE2oTmP8nAQLRITdP2q1otMGLKCPlu41Ddrg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame 3314 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1018118728904288236724&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
etag
"89b446b6cf8d81:0"
last-modified
Thu, 13 Jan 2022 22:48:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF223BACD0BF40B8A68A45D96FB1A005 Ref B: YTO01EDGE0819 Ref C: 2022-02-18T19:28:11Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 3314
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1018118728904288236724
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1018118728904288236724&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1018118728904288236724&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4EADGAKGBG0M6K9NT2GC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1018118728904288236724&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1018118728904288236724&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_par...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ee833199d26e4c6f984db7c195eb1fe3&ssp=triplelift&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=60e45fac-182d-4332-b0c1-f2271f9e3456&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=60e45fac-182d-4332-b0c1-f2271f9e3456&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=60e45fac-182d-4332-b0c1-f2271f9e3456&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Feb 2022 19:28:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 3314
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=yjwO1x5qEbtKmIpVpQ2t&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PFVHOTZRPA2XC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=yjwO1x5qEbtKmIpVpQ2t
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=yjwO1x5qEbtKmIpVpQ2t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:11 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=yjwO1x5qEbtKmIpVpQ2t
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
buyers
dmx.districtm.io/s/v1/ Frame F77E 		487 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
833ab3a0156e5a5045af34689df4ff2c776a9af5dbe62f4a32de5c70419fd540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a8389d2d53e3-YYZ
access-control-allow-headers
Origin, Content-Type
1783777311224324447
dmx.districtm.io/s/10056/ Frame F77E
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/1783777311224324447
75 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10056/1783777311224324447
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe6b45fe1347f4feb9242aa23aac1f33b50f6ca8bb81417fb7b3d1bf50e6178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Fri, 18 Feb 2022 19:28:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6df9a8395eca53e3-YYZ

Redirect headers

Location
https://dmx.districtm.io/s/10056/1783777311224324447
Date
Fri, 18 Feb 2022 19:28:11 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
AAGsOk7EH-cAAHW5BcdV8w
dmx.districtm.io/s/10025/ Frame F77E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/districtm
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1
  • https://dmx.districtm.io/s/10025/AAGsOk7EH-cAAHW5BcdV8w
78 B
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10025/AAGsOk7EH-cAAHW5BcdV8w
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cbe9fb1795798c6cde4ba690b43293b32fcb7091148cd99ff06904f1098095d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Fri, 18 Feb 2022 19:28:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6df9a83a993a53e3-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10025/AAGsOk7EH-cAAHW5BcdV8w
Date
Fri, 18 Feb 2022 19:28:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
648294877380
dmx.districtm.io/s/10022/ Frame F77E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/648294877380
68 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10022/648294877380
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebce6341134b7d969c126421e7ba8375b0e713e01eca4224f254f843c81805ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Fri, 18 Feb 2022 19:28:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6df9a83a186853e3-YYZ

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/648294877380
y-K44DmY5E2uH_DBYGaOq.HsosXjIU.MoJ~A~UPe9096352-90f0-11ec-8ce9-0a76a3100851
dmx.districtm.io/s/10051/ Frame F77E
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe9096352-90f0-11ec-8ce9-0a76a3100851
  • https://dmx.districtm.io/s/10051/y-K44DmY5E2uH_DBYGaOq.HsosXjIU.MoJ~A~UPe9096352-90f0-11ec-8ce9-0a76a3100851
131 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-K44DmY5E2uH_DBYGaOq.HsosXjIU.MoJ~A~UPe9096352-90f0-11ec-8ce9-0a76a3100851
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30654a5cefc5bf2b0395feac49119e4129547fa6b35d418e0a8c2e0a61acf205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Fri, 18 Feb 2022 19:28:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6df9a83a891f53e3-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10051/y-K44DmY5E2uH_DBYGaOq.HsosXjIU.MoJ~A~UPe9096352-90f0-11ec-8ce9-0a76a3100851
date
Fri, 18 Feb 2022 19:28:11 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
UgxfkWRdRCFch7TLE_NauZU4mb0
dmx.districtm.io/s/10026/ Frame F77E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/UgxfkWRdRCFch7TLE_NauZU4mb0
83 B
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/UgxfkWRdRCFch7TLE_NauZU4mb0
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cecdb612f8c75f219ba2dcea2774c1163da899b6a61379ee69a19a5dff27720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Fri, 18 Feb 2022 19:28:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6df9a839af5d53e3-YYZ

Redirect headers

Location
https://dmx.districtm.io/s/10026/UgxfkWRdRCFch7TLE_NauZU4mb0
Date
Fri, 18 Feb 2022 19:28:11 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame D936
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0bf79414-7880-4cb1-93df-0406355863c9&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0bf79414-7880-4cb1-93df-0406355863c9&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0bf79414-7880-4cb1-93df-0406355863c9&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
setuid
px.ads.linkedin.com/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZST1CDE-17-D84V
0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZST1CDE-17-D84V
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0789C11A05B24A60A8046FB05D978530 Ref B: YTO01EDGE0506 Ref C: 2022-02-18T19:28:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYT+IosJx9xFkuyVCaIQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZST1CDE-17-D84V
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZST1CDE-17-D84V&sigv=1&esig=2~3bbabe52e59a49fd42fac54e1e856f706462501a
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZST1CDE-17-D84V&sigv=1&esig=2~3bbabe52e59a49fd42fac54e1e856f706462501a
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZST1CDE-17-D84V&sigv=1&esig=2~3bbabe52e59a49fd42fac54e1e856f706462501a
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame D936 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yIOfAMlHJbaT8tjsSH8Essn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=621242019481267589
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=621242019481267589
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type
image/gif

Redirect headers

date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=621242019481267589
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame D936
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKL1X9_XAw7UYE5HPcnClXQ&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKL1X9_XAw7UYE5HPcnClXQ&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKL1X9_XAw7UYE5HPcnClXQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D936
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c811620f-f34c-4200-83aa-d8c5a5813305
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c811620f-f34c-4200-83aa-d8c5a5813305
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type
image/gif

Redirect headers

Date
Fri, 18 Feb 2022 19:28:12 GMT
Server
MT3 4133 baa842e master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c811620f-f34c-4200-83aa-d8c5a5813305
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Feb 2022 19:28:11 GMT
pixel
cm.g.doubleclick.net/ Frame D936
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNhM2I1OWU4Y2M1OTVmNTJhYzRkNDViYTc4Yjk0MzAzMzNmMjEyZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNhM2I1OWU4Y2M1OTVmNTJhYzRkNDViYTc4Yjk0MzAzMzNmMjEyZg
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNhM2I1OWU4Y2M1OTVmNTJhYzRkNDViYTc4Yjk0MzAzMzNmMjEyZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
eus.rubiconproject.com/ Frame E5EB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-247-148.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Feb 2022 19:28:11 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
date
Fri, 18 Feb 2022 19:28:11 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
match
cms-xch-chicago.33across.com/ Frame 00C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk4986a24f-382f-4b09-b124-f42635b8174d&expires=7&user_group=5&ssp=the33across&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
date
Fri, 18 Feb 2022 19:28:12 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 00C5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1645212491764.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=1c14620f-f34c-4800-908d-521f1ce926dd
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=1c14620f-f34c-4800-908d-521f1ce926dd
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Feb 2022 19:28:12 GMT
Server
MT3 4133 baa842e master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=1c14620f-f34c-4800-908d-521f1ce926dd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Feb 2022 19:28:11 GMT
match
cms-xch-chicago.33across.com/ Frame 00C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 00C5
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=3ac31522212d1206&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZ_SSUcmI7QNtl2IkAAAAAAA&expiration=1645298891&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZ_SSUcmI7QNtl2IkAAAAAAA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZ_SSUcmI7QNtl2IkAAAAAAA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZ_SSUcmI7QNtl2IkAAAAAAA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 00C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647804491%26external_user_id%3D0bf79414-7880-4cb1-93df-0406355863c9
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=bggfyaakar6PmwaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame E4FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-247-148.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Feb 2022 19:28:11 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
date
Fri, 18 Feb 2022 19:28:11 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
match
cms-xch-chicago.33across.com/ Frame 6DF2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mka3576dfb-be38-4e47-9d17-ab0d38caa520&expires=7&user_group=5&ssp=the33across&bsw_param=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=60e45fac-182d-4332-b0c1-f2271f9e3456
date
Fri, 18 Feb 2022 19:28:12 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 6DF2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:11 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-kTPhHx1E2uF82cN22i.f_OdVD8BmRepP%7EA&ts=1645212491&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 6DF2
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=82e2ee746821205&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZuO5H_-D3wMr80G0AAAAAAA&expiration=1645298891&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZuO5H_-D3wMr80G0AAAAAAA&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZuO5H_-D3wMr80G0AAAAAAA&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZuO5H_-D3wMr80G0AAAAAAA&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 6DF2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647804491%26external_user_id%3D0bf79414-7880-4cb1-93df-0406355863c9
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647804491&external_user_id=0bf79414-7880-4cb1-93df-0406355863c9
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 6DF2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1645212491786.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=6315620f-f34c-4100-ac95-afbb794738cd
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=6315620f-f34c-4100-ac95-afbb794738cd
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d9HhYeaj8r6QaoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Feb 2022 19:28:12 GMT
Server
MT3 4133 baa842e master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=6315620f-f34c-4100-ac95-afbb794738cd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Feb 2022 19:28:11 GMT
usync.js
eus.rubiconproject.com/ Frame E5EB 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-247-148.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f98be953ab95e15cd0e765f6e31a5ca84e6fe4b0a52f9e462e2e559da2e79a2c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15611
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9758
Expires
Fri, 18 Feb 2022 23:48:22 GMT
usync.js
eus.rubiconproject.com/ Frame E4FA 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-247-148.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f98be953ab95e15cd0e765f6e31a5ca84e6fe4b0a52f9e462e2e559da2e79a2c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 19:28:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15611
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9758
Expires
Fri, 18 Feb 2022 23:48:22 GMT
match
cms-xch-chicago.33across.com/ Frame E5EB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KZST1CDE-17-D84V
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KZST1CDE-17-D84V
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZST1CDE-17-D84V&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZST1CDE-17-D84V&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Feb 2022 19:28:11 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZST1CDE-17-D84V&ts=1645212492&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
users
dmx.districtm.io/s/v1/ Frame F77E 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a83c8d5b53e3-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
cf-ray
6df9a83bec975443-YYZ
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame F77E 		0
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6df9a83dd82753e3-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Feb 2022 19:28:12 GMT
cf-ray
6df9a83cffae5443-YYZ
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
async_usersync
ib.adnxs.com/ Frame B65C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Feb 2022 19:28:12 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 571.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1d6ea748-f153-48f0-87c2-d15f62279467
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| structuredClone function| $ function| jQuery function| fbq function| _fbq object| _gaq object| deployads object| _gat object| gaGlobal string| __at_pvid object| googletag boolean| deployads_loaded object| pbjsSortable function| pbjsSortableChunk object| _pbjsGlobals object| confiant object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages number| lnt_z object| google_image_requests

94 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQo7658vAvCgoI4gEQo7658vAvCgoI5gEQo7658vAvCgoIhwIQo7658vAvCgkICRCjvrny8C8KCQg6EKO-ufLwLwoJCAsQo7658vAvCgoIjAIQo7658vAvCgoIngIQo7658vAvCgkIXxCjvrny8C8=
.mrtnsvr.com/sync Name: userId
Value: k6B4LnqfM
.tinyurl.com/ Name: __utma
Value: 224967455.1624275069.1645212488.1645212488.1645212488.1
.tinyurl.com/ Name: __utmc
Value: 224967455
.tinyurl.com/ Name: __utmz
Value: 224967455.1645212488.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tinyurl.com/ Name: __utmt
Value: 1
.tinyurl.com/ Name: __utmb
Value: 224967455.1.10.1645212488
.tinyurl.com/ Name: _fbp
Value: fb.1.1645212487604.1714099226
tinyurl.com/ Name: __rtgt_sid
Value: kzst1bzc3rpj4x
.facebook.com/ Name: fr
Value: 0Hf8P2pgpNjnqZ5M6..BiD_NH...1.0.BiD_NH.
.tinyurl.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlBIWDJzQmp6QnRlNTRjU3hkdTRKbGc9PSIsInZhbHVlIjoiVVVFVGRqMVNsT1wvakc0YWFTRHF6WG1BMWFiaXc1bUg4ZGVnUXdsYWVvZ1UyUWxPcXZ3ZGRKejk5UTJRU0lwYkNqUTRRZnNLcDBOVFNMWjVmZ1hERnd0Y1wvMW9vUktzZTdrWEpDOUZWV3F6SUNKU0NkQVJIRUxhRGlZYVdWd1o1bCIsIm1hYyI6ImQ5NGFhOGZmNjIxYmUyN2ZjNmI5N2Y0MjA5Mjg4NGIyNDUwZmUyYTUzNzYzMWQzYmI4OTRiZmI3ZDM0YTM3MmYifQ%3D%3D
.tinyurl.com/ Name: tinyurl_session
Value: eyJpdiI6IjlET2ZWS2x3dkNEam5LXC9sS3d3UGlRPT0iLCJ2YWx1ZSI6IjU0VmF5cmlpdG1oZmVaYmhKM1V3T0Fyc3FMRVhWM0NLMHl5QVR3SmZlR0w4WFc0QWtBbkZNWGJyMmVsZE5QSThSelBcL29tR0dXYlZjTkxGbTJpREVHbDUzc1d4eUl5YlgxdHJ0UFVcL2V3K2hua0dLUXowZTZlaGRUcTJZXC80djYwIiwibWFjIjoiNjk0YWVhMTcxZjkwN2UzNDZhN2U0YmQ2NDgwZjFmMzk3ZmMzN2Q0ZjA1N2NmOTE3NzE4NjA5MDY5NTBmMWU5NyJ9
.tinyurl.com/ Name: tinyUUID
Value: eyJpdiI6ImkxcVwvN2syUEhkakgzaW10QndoU293PT0iLCJ2YWx1ZSI6IjZmNzh4eTJCaTdqeENMeURNTE1rcXFDMzVaMnEyazF2RW83WUUraEFISFVudENVYzFnRGhhelQ5STVuUGFFcnlUMGxsSnZGVDZaWU1uc1wvOFNFdWlSM0N4WktyRG1mbjRKNlA4ZitDTVoyUT0iLCJtYWMiOiIwMTM2YmUzNzRkZjMzYTUwMjdkNDkzNzNkNzZjZDE2ZmM0MjI4M2IzNjZlN2QwODI4ZDUxZTU1NWZjMWYyY2VkIn0%3D
.go.sonobi.com/ Name: __uis
Value: a19e455b-960d-4166-a6a3-8887ea03ef60
.go.sonobi.com/ Name: _usd_tinyurl.com
Value: a895de20-a340-4c68-8697-f761e69d79bf
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8750|Yg/zS
.yieldmo.com/ Name: yieldmo_id
Value: g24d11c4aac87b0bf0a2%7C1645212488178%7C2947375069907639759%7C
.yahoo.com/ Name: A3
Value: d=AQABBEjzD2ICEH6HGFt4V384fWwvrVHZpmkFEgEBAQFEEWIZYgAAAAAA_eMAAA&S=AQAAAnoD-HSu0CN78iUJKqe3rIg
.rubiconproject.com/ Name: khaos
Value: KZST1CDE-17-D84V
.deployads.com/ Name: d7s_uid
Value: r7im2wxqdzuu
.adnxs.com/ Name: icu
Value: ChgI2OU6EAoYASABKAEwyOa_kAY4AUABSAEQyOa_kAYYAA..
.adnxs.com/ Name: uuid2
Value: 5770721952549674459
.tinyurl.com/ Name: __gads
Value: ID=e83cfc9034f0fae0-22f159a328d000db:T=1645212488:S=ALNI_MYjDFzjKjFrRO174NYu2jRtaZKFLQ
.doubleclick.net/ Name: IDE
Value: AHWqTUntK2uySAo9MhFd0WJuwRVhKYP_qtkj-fGEBHyDafQmCUqnXtK0WD5KgQe_V24
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C'!r2M8S!]tbPl1M>e)ZlrFUfJ+tGXxoPOUo88c2*(4Fmm<zasBz0XTj]P[80Qkvc<YB3If)y3KL9D3I?+M6z8D/
.demdex.net/ Name: demdex
Value: 36413489099156560750386151707766792396
.scotiabank.demdex.net/ Name: scotiabank
Value: 36413489099156560750386151707766792396
.casalemedia.com/ Name: CMPS
Value: 471
.casalemedia.com/ Name: CMST
Value: Yg-zSWIP80kA
.casalemedia.com/ Name: CMID
Value: Yg-zSWJDvYpkYJQU6nYfGAAA
.casalemedia.com/ Name: CMPRO
Value: 138
.casalemedia.com/ Name: CMRUM3
Value: 2d620ff3492760CAESEPIecbRwSZgYPNnnL0TTAoQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 1018118728904288236724
.adsrvr.org/ Name: TDID
Value: 0bf79414-7880-4cb1-93df-0406355863c9
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yg-zSwAHNUMN8QBB
.sitescout.com/ Name: ssi
Value: 00efda57-3a70-436d-b7af-7ed9926898e6#1645212491561
.33across.com/ Name: 33x_ps
Value: u%3D1914733456021%3As1%3D1645212491570%3Ats%3D1645212491570
.bidswitch.net/ Name: c
Value: 1645212491
.bidswitch.net/ Name: tuuid_lu
Value: 1645212491
.bidswitch.net/ Name: tuuid
Value: 60e45fac-182d-4332-b0c1-f2271f9e3456
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDQyMjE2MjExMRfiM9RNyszLqwhILQuqcM2T4jU0MzE1MjQysTQ0tTQAADScYhk0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDQyMjE2MjExMRfiM9RNyszLqwhILQuqcM0DAJW7gKIlAAAA
.contextweb.com/ Name: V
Value: tDbKIUdS4Hpk
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1f8ea8eee441d30a
.sitescout.com/ Name: _ssuma
Value: eyI0IjoxNjQ1MjEyNDkxNTk4LCIzOSI6MTY0NTIxMjQ5MTU5OCwiNTEiOjE2NDUyMTI0OTE1OTh9
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1c92|7LJ.0.a19e455b-960d-4166-a6a3-8887ea03ef60|4is.0.CAESEM7K4g8gAVv3AevxCtDxsXM
.bing.com/ Name: MUID
Value: 2E0ADA334E7665E1140ACB7C4F5C64F4
.c.bing.com/ Name: MR
Value: 0
.zemanta.com/ Name: zuid
Value: yjwO1x5qEbtKmIpVpQ2t
.exelator.com/ Name: EE
Value: "ea3849bf41ee55e43e8ff8e90058d110"
.go.sonobi.com/ Name: __uin_td
Value: 0bf79414-7880-4cb1-93df-0406355863c9
.go.sonobi.com/ Name: __uin_zt
Value: 1783777311224324447
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE10djCxDIpzcQwNdXUNNXEONUiLc0i1dLAwNQixdDQYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiZ8fFRSlpDItKik8F729XBwCILyni"
.amazon-adsystem.com/ Name: ad-id
Value: AzwmE8W_fE1mm-3KoLDXnaY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAGsS5DU0MzE1MjQysTQ0NzReJYrEN7U0AADS3Mh6IAAAAA
.admixer.net/ Name: am-uid
Value: ee833199d26e4c6f984db7c195eb1fe3
.go.sonobi.com/ Name: __uin_bw
Value: 60e45fac-182d-4332-b0c1-f2271f9e3456
.linkedin.com/ Name: li_sugr
Value: 7286ae5c-9483-4917-a7d3-70d9eee48614
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a59b75be-8de0-4c6e-88b7-87ba23901ed7"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2337:u=1:x=1:i=1645212491:t=1645298891:v=2:sig=AQETyUb2gj-vG9yrGKVQVBGGnEz3cOhu"
.go.sonobi.com/ Name: __uin_pp
Value: tDbKIUdS4Hpk
.go.sonobi.com/ Name: HAPLB8S
Value: s8525|Yg/zS
.tynt.com/ Name: uid
Value: NuSsn2IP80tlJFuWTJdGxQ==
.tapad.com/ Name: TapAd_TS
Value: 1645212491748
.tapad.com/ Name: TapAd_DID
Value: d1a02403-6be1-4453-a777-88e1dae30259
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-520c5f91-645d-4421-5c87-b4cb13f35ab9.Wu4627jqSQzWhms%2Bp6ayidK1jGZkhciMxRfzTQfK9HQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUgxfkWRdRCFch7TLE_NauZU4mb0.9JWY%2Fnb1QJo7uQMe848Dl7462ZWJGJJXnwNV1nexENk
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1645212491786%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1645212491786%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1645212491786%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1645212491786%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1645212491786%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1645212491786%7D%5D
.rlcdn.com/ Name: rlas3
Value: SPOPC0FWWzPhHww9ibE8BPPAEmweS9ptvSRWfbiVGU8=
.rlcdn.com/ Name: pxrc
Value: CAA=
.advertising.com/ Name: APID
Value: UPe9096352-90f0-11ec-8ce9-0a76a3100851
.acuityplatform.com/ Name: auid
Value: 648294877380
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT9DSWYAuJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE/Q0lmALiPdGhpcmRQYXJ0eVVzZXJJZCH7+4Z2ZXJzaW9uwvs="
c.deployads.com/ Name: d7s_dc
Value: 43TTDb0bf79414-7880-4cb1-93df-0406355863c934XNDRK577072195254967445934bswtb60e45fac-182d-4332-b0c1-f2271f9e345634centp00efda57-3a70-436d-b7af-7ed9926898e6-620ff34b-43413
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCKSzjdfax7k6EAUSFgoHcnViaWNvbhILCILZktjax7k6EAUYASABKAIyCwjK1JuG8ce5OhAFOAFaB2YwdjM1ZXdgAg..
.analytics.yahoo.com/ Name: IDSYNC
Value: 190u~23b7
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1195
.bidr.io/ Name: bito
Value: AAGsOk7EH-cAAHW5BcdV8w
.bidr.io/ Name: bitoIsSecure
Value: ok
.dotomi.com/ Name: DotomiTest
Value: 82e2ee746821205
.adsymptotic.com/ Name: U
Value: 341f16a00debda7a147a5e669cd4f162
.go.sonobi.com/ Name: __uin_mm
Value: 8835620f-f34c-4400-a069-18b4d3d11fc1
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGGqEz8q7edW+1WuCoMxA8a+JUixCbOKdrjeqIaFd0ZTE2UkKs43umqgsOWSvKcST2gvCiOOnVoQ/ANjKiRLRc6Xy0rlaJuXhM=
.mathtag.com/ Name: uuid
Value: 6315620f-f34c-4100-ac95-afbb794738cd
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2J0QWJJR0d6STFTVkpFUTBaVWFGUnVWR2xKUWpGUVNWTmFWelJFZWt4TmM3b0dFUWltVGhJTU5qUTRNamswT0RjM016Z3d1Z1liQ0tsT0VoWkJRVWR6VDJzM1JVZ3RZMEZCU0ZjMVFtTmtWamgzdWdZZ0NLcE9FaHRWWjNobWExZFNaRkpEUm1Ob04xUk1SVjlPWVhWYVZUUnRZakM2QmdNSXJrNjZCZ01Jc0U2NkJsQUl3MDRTUzNrdFN6UTBSRzFaTlVVeWRVaGZSRUpaUjJGUGNTNUljMjl6V0dwSlZTNU5iMHArUVg1VlVHVTVNRGsyTXpVeUxUa3daakF0TVRGbFl5MDRZMlU1TFRCaE56WmhNekV3TURnMU1ib0dHQWpJVGhJVE1UYzRNemMzTnpNeE1USXlORE15TkRRME53PT0iLCJpYXQiOjE2NDUyMTI0OTJ9.ewsMHY7DCwrkd-pXNeMNxwyQW3H9B3Ff0s1MOSn0aquPACiYGZ4J1uz0ZSHuEOGnHjkjtDaKck4tAEuVlxKOJw

3 Console Messages

Source Level URL
Text
network error URL: https://tinyurl.com/mrczpmvu__;!!Iww4!2yF1FMiWAclirYuOfnJt3A18DiAdHjMuzL2Ul-cH4eAP0WagN1N4XE1JTHqFVn7_PDnh$
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=154029259&d_campaign=26086129&d_placement=308368675&d_site=3375178&c_advertID=6105463&d_bust=2365091678' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=k6B4LnqfM&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
ajax.googleapis.com
apex.go.sonobi.com
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.bing.com
c.deployads.com
c2shb.ssp.yahoo.com
cdn.adnxs.com
cdn.districtm.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
de.tynt.com
dmx.districtm.io
dsum-sec.casalemedia.com
e.deployads.com
eb2.3lift.com
ed53936bb70badb6a907c984e0494821.safeframe.googlesyndication.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
inv-nets.admixer.net
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
nym1-ib.adnxs.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
protected-by.clarium.io
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
scotiabank.demdex.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
tags-cdn.deployads.com
tinyurl.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
ums.acuityplatform.com
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.googletagservices.com
x.bidswitch.net
103.229.206.240
104.16.190.66
104.18.98.194
104.77.247.148
107.178.246.49
130.211.23.194
142.251.40.194
142.251.40.198
142.251.40.226
151.101.1.108
151.101.129.194
151.101.130.49
151.101.65.108
173.223.56.123
18.214.233.191
198.148.27.140
199.38.167.129
2001:4998:14:800::1000
204.62.13.72
209.54.180.3
216.152.140.200
23.208.46.198
23.216.84.240
2600:1f18:4e9:5a05:e85f:acb7:52bc:8c40
2602:803:c002:200::43
2606:4700:10::6814:8b41
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700::6810:5814
2606:ae80:1451:14::1080
2607:f8b0:4006:806::2006
2607:f8b0:4006:80c::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2607:f8b0:4023:1404::9b
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.218.215.219
3.233.68.37
34.102.163.6
34.117.239.71
34.149.20.76
34.232.21.36
34.235.17.126
34.236.83.94
34.237.108.132
35.190.60.146
35.211.178.172
35.71.131.137
35.71.139.29
47.252.78.131
52.0.156.250
52.70.253.5
52.85.61.107
54.159.196.118
54.175.87.114
54.81.207.173
54.89.44.121
67.202.105.24
67.202.105.31
68.67.179.133
68.67.179.155
68.67.181.207
69.166.1.10
69.166.1.14
69.173.151.100
69.90.254.78
70.42.32.95
8.43.72.97
8.43.72.98
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc12838af940d4edf501f71e490a1e35265950ee980492c754634dfda1e13b6
0c985e1006cfef7d361a2fb2f0e5e699e9455ca9f7d8e2143ba8c7e51e518f40
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ebf94d374976c3f405d9adb06a4f4df3cf78cdf0041f7ac8c021e6f4f055870
24af05d80b79f6c40d29c93f245aa39c13a8e128910cfc5c31d75b30b8b1adfe
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2826d39c65d62b5a37769b103a057c95f9dfe8ae48582b5f688e1b7239158708
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29cc5eadea13ad0eb2071f8c8592ab2d0db4ec72d9ddeadc0e8daa9a4e6e10aa
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b52069108538f85e5383cb62ea31d9bb0f1812685fc6d2cf7a364d885530fd1
30654a5cefc5bf2b0395feac49119e4129547fa6b35d418e0a8c2e0a61acf205
340ed74a140bf0c63db9fe62625c5cd6bf3e975267c76848cd79346a58f8b765
357d9b24729cf78b695745abb87e9a2144d8ce819cc3299170630e953e290de8
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412f3961ce97612bc2e66d2bb2918eeb92b9cad33630264e2fc6cb30d10dc4e1
43ba8828a06da01148064fac188b245939b9ca40b687c0c429b093cb44e6d00a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0cfa2339d5dfbc45d7d822793dace984c9c3486e6ddc18705cd3cb0c894349
4fe6b45fe1347f4feb9242aa23aac1f33b50f6ca8bb81417fb7b3d1bf50e6178
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51ae7be962c4fe707f7656c27e1c7f7c09ff1379e6f29eeec92e739c1839e799
53619d17a1256e6b16ba90f198e162e8f36fb6ac37545798440e0b073fd44d62
54f6b72272a78eb9a9e3eed800fbef12e6f6e8fcc03c85d9b6a514f76c9d6f43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cb4c47a4eb4fc89f608e6317d1b67cdb5f00cb33018a6128d0a725ed4160f1
576b53c9f3ec344a3928dd797e12bf85270618c9677a2ade64fe98026fa128db
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1
5fa5b8164621b020075486cf6d1c64bacb0b8fb85638ad0fd5ff85c77da0fcbf
5fbd195fb6d9f8e94530a0d720b4a96dda93a7c870e77c62796651298ffd2f3c
5fe0a348ab1514f7e456a57a4c604299afedb144ac35409803a4277423de868a
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631946c6ebd6c9862f602972c10f42177103f3a42d54773b91d6619ba071d9b2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6cbe9fb1795798c6cde4ba690b43293b32fcb7091148cd99ff06904f1098095d
6cecdb612f8c75f219ba2dcea2774c1163da899b6a61379ee69a19a5dff27720
6e2ab2bf5a3a1ed693701e5df5a66d57ddd70ee5f7738961cf8d711b3f6d9f48
6e666155adc38b774e429caed499ae332417bf8de3a0818fc847b0fea0708ccd
76b9c411625467a424af978484aca8d01c34e33793d0995c14da20a8c087af8c
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
797350085864995eed89bec557819b77991a49df0d0e63d2ffcfacea3fed775e
7ac24339c6e8d9a395ba70fa3fb96e98ba312b882fabd204438592181beaf717
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833ab3a0156e5a5045af34689df4ff2c776a9af5dbe62f4a32de5c70419fd540
85ebd895fabbfa36b6a9fcb814836406fc9ab6b78031961579b43a28a831fa30
862aae49e4e3302a075e4392aabed73d8bf6c55b7aa374569cae4f1b840189cf
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
89640defe6150bf8371e31a662ecb9c56546c50b55ec3feab7152976489dd4fe
8bb5dc328dc0f0a8d3dca7c3c86926f957c162bcebd998ae2a24bd05d6fa1cc7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
950d74f4d58813a8cf61c47d04f1b5068b9ca1378e0dde97a340c5bc3540e2da
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ef0f2997c2aed02003c7634d8a5a26ac59bcd9df95fdb581517993ca35c689a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8
a2b893776ec1ee4cac0069638d2abbb5ffdd4a016347b18476145b9c50c95fba
a3636afe87be3a60594c39bac8b85382bfd7a79c030c9d48e6a062694ce7e74b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d66314b1bdcad68982a7e5bc364d36e228df70e739074d6aea58fb4b59e1eb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8cba0a196d49f8d22dd25f99b3c2fd4a112a52f1f93f38dc603212c9ed87629
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acad53e31ad29451802f07483a1d1c585e48a786604ec977850b4a9c47c3ee01
acef084c3bf3279537e37a0b2c70b716a4a13473cd833e5f1441d267ca6e3c78
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b671142b958b8d34d2dab62946a4cc305b840926d5ead88c91c2529489807670
b6c80a80ce4ce38dc9bb6ac62195c393b62d1de6ffb106a2579b19061c8a6c27
b87e9a11d9cbf38748c319752759e71aa4403286c8048b88bc54b13b65f51f0a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
bfb767d1c07ff4acc02cfdb01d9b597969a42da5e0cb3c3dc82d8216b35e1872
cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0770572cebdb454faf21a005493e9274a9aa066143877988049a7a56e557ee8
d3a9533d8eee34c98243261e41bd747e88e60a357618e589d46ef95f359b372a
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e1246a7b313c3ce51bb6d105aa828db4191e45e8504041d24a79baea6065554a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f091ebfbb401cfe5a1d5385778aaa9b48be57b5cf41dda456fc2b0f8168a1
e9eddbb587d76472e15be5454499b8e95b60ac475c8b3f8f45010ba806f4f25e
e9eef8b3433f08b26118ce08d836337cf1db7a4e48b1183517d51caa17039f71
ebce6341134b7d969c126421e7ba8375b0e713e01eca4224f254f843c81805ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7fd454c63383ac2c47a3473a4ba903f837d60c3121511ff9703c6b3ae7ba502
f98be953ab95e15cd0e765f6e31a5ca84e6fe4b0a52f9e462e2e559da2e79a2c
ff50f1713a9c6e1d689024430f12c414a0c36c443525ced3b9b0f994aba0bc25