urlscan.io logo urlscan.io
SecurityTrails logo

www.theguardian.com Open in urlscan Pro
151.101.193.111  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people...
Submission: On August 12 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 116 IPs in 11 countries across 96 domains to perform 463 HTTP transactions. The main IP is 151.101.193.111, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.theguardian.com. The Cisco Umbrella rank of the primary domain is 10915.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on September 16th 2024. Valid for: a year.
This is the only time www.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 72 151.101.193.111 54113 (FASTLY)
27 151.101.1.111 54113 (FASTLY)
22 176.34.135.104 16509 (AMAZON-02)
1 1 142.250.189.14 15169 (GOOGLE)
1 142.250.66.238 15169 (GOOGLE)
6 104.18.43.90 13335 (CLOUDFLAR...)
2 4 18.67.93.39 16509 (AMAZON-02)
1 184.31.253.201 16625 (AKAMAI-AS)
5 108.158.21.92 16509 (AMAZON-02)
4 13.35.147.41 16509 (AMAZON-02)
13 172.217.24.34 15169 (GOOGLE)
1 3 52.63.22.212 16509 (AMAZON-02)
4 108.158.32.77 16509 (AMAZON-02)
1 142.250.70.162 15169 (GOOGLE)
1 104.17.109.19 13335 (CLOUDFLAR...)
1 18.65.244.102 16509 (AMAZON-02)
2 104.26.1.90 13335 (CLOUDFLAR...)
4 162.19.138.82 16276 (OVH OVH SAS)
1 23.221.133.105 16625 (AKAMAI-AS)
1 3.175.115.46 16509 (AMAZON-02)
1 3.175.115.111 16509 (AMAZON-02)
1 23.201.142.89 16625 (AKAMAI-AS)
1 172.66.169.55 13335 (CLOUDFLAR...)
1 20.40.202.2 8075 (MICROSOFT...)
1 142.250.76.98 15169 (GOOGLE)
1 35.241.9.51 396982 (GOOGLE-CL...)
1 4 103.43.91.58 29990 (ASN-APPNEX)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 151.101.129.111 54113 (FASTLY)
14 54.253.228.139 16509 (AMAZON-02)
1 74.119.117.47 19750 (AS-CRITEO)
2 108.158.27.219 16509 (AMAZON-02)
2 172.217.24.36 15169 (GOOGLE)
1 142.250.70.227 15169 (GOOGLE)
1 3.175.115.80 16509 (AMAZON-02)
1 108.158.32.13 16509 (AMAZON-02)
1 54.66.219.11 16509 (AMAZON-02)
1 18.67.93.31 16509 (AMAZON-02)
1 57.129.92.143 16276 (OVH OVH SAS)
2 57.129.85.132 16276 (OVH OVH SAS)
1 142.251.221.66 15169 (GOOGLE)
1 17 98.82.156.207 14618 (AMAZON-AES)
2 15.197.196.10 16509 (AMAZON-02)
2 35.227.252.103 396982 (GOOGLE-CL...)
2 3.0.107.214 16509 (AMAZON-02)
2 104.18.27.193 13335 (CLOUDFLAR...)
2 69.173.158.65 26667 (RUBICONPR...)
2 74.119.117.12 19750 (AS-CRITEO)
4 74.119.117.17 19750 (AS-CRITEO)
1 135.125.146.86 16276 (OVH OVH SAS)
1 135.125.146.82 16276 (OVH OVH SAS)
2 51.195.34.255 16276 (OVH OVH SAS)
1 51.195.115.36 16276 (OVH OVH SAS)
2 135.125.146.80 16276 (OVH OVH SAS)
2 51.195.127.100 16276 (OVH OVH SAS)
1 135.125.145.78 16276 (OVH OVH SAS)
1 51.195.34.220 16276 (OVH OVH SAS)
1 51.195.73.113 16276 (OVH OVH SAS)
1 51.195.73.74 16276 (OVH OVH SAS)
1 51.195.73.71 16276 (OVH OVH SAS)
1 51.195.127.115 16276 (OVH OVH SAS)
1 51.195.126.30 16276 (OVH OVH SAS)
15 22 69.173.158.64 26667 (RUBICONPR...)
1 1 184.31.252.83 16625 (AKAMAI-AS)
2 13.213.133.6 16509 (AMAZON-02)
3 7 104.18.26.193 13335 (CLOUDFLAR...)
6 2.18.225.41 16625 (AKAMAI-AS)
4 104.16.56.62 13335 (CLOUDFLAR...)
11 57.183.43.40 16509 (AMAZON-02)
2 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.105.12.117 30633 (LEASEWEB-...)
6 7 103.43.90.117 29990 (ASN-APPNEX)
3 8 52.223.2.229 16509 (AMAZON-02)
4 67.199.150.81 62713 (AS-PUBMATIC)
1 6 23.106.50.38 59253 (LEASEWEB-...)
6 6 70.42.32.255 22075 (AS-OUTBRAIN)
3 3 70.42.32.63 22075 (AS-OUTBRAIN)
2 172.217.24.33 15169 (GOOGLE)
10 16 142.250.70.194 15169 (GOOGLE)
3 3 108.158.32.12 16509 (AMAZON-02)
13 13 52.223.40.198 16509 (AMAZON-02)
4 4 13.236.64.28 16509 (AMAZON-02)
3 18.206.26.127 14618 (AMAZON-AES)
1 1 47.253.61.56 45102 (ALIBABA-C...)
1 23.46.179.211 20940 (AKAMAI-AS...)
1 1 103.43.90.54 29990 (ASN-APPNEX)
13 54.179.195.13 16509 (AMAZON-02)
7 7 35.211.202.130 15169 (GOOGLE)
1 64.38.119.43 18568 (BIDTELLECT)
3 3 3.209.134.128 14618 (AMAZON-AES)
3 4 54.254.230.57 16509 (AMAZON-02)
2 2 3.221.117.8 14618 (AMAZON-AES)
2 169.197.150.7 398989 (DEEPINTENT)
2 2 74.214.196.131 19189 (PULSEPOINT)
1 2 23.106.127.38 59253 (LEASEWEB-...)
4 5 185.84.60.20 198622 (ADFORM Ad...)
1 1 124.146.153.164 2514 (INFOSPHER...)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
2 2 184.27.43.153 16625 (AKAMAI-AS)
6 184.31.253.153 16625 (AKAMAI-AS)
2 172.217.167.97 15169 (GOOGLE)
1 207.65.37.179 62713 (AS-PUBMATIC)
2 2 162.55.236.224 24940 (HETZNER-A...)
5 5 54.251.212.141 16509 (AMAZON-02)
2 2 46.137.251.248 16509 (AMAZON-02)
1 1 35.213.23.231 15169 (GOOGLE)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
1 204.62.12.186 46636 (NATCOWEB)
1 2 34.124.209.251 396982 (GOOGLE-CL...)
1 1 216.200.232.249 30419 (PAEDAE-INC)
15 104.36.113.107 62713 (AS-PUBMATIC)
1 2 44.239.208.182 16509 (AMAZON-02)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
8 9 95.173.218.112 60068 (CDN77 Dat...)
2 2 95.173.218.100 60068 (CDN77 Dat...)
2 2 37.157.6.237 198622 (ADFORM Ad...)
7 67.199.150.86 62713 (AS-PUBMATIC)
12 142.250.66.194 15169 (GOOGLE)
2 44.231.225.73 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
4 4 18.181.159.21 16509 (AMAZON-02)
2 2 80.77.87.166 46636 (NATCOWEB)
2 108.158.20.123 16509 (AMAZON-02)
4 18.244.214.42 16509 (AMAZON-02)
2 150.171.22.12 8075 (MICROSOFT...)
1 52.95.122.74 16509 (AMAZON-02)
1 131.153.206.101 59210 (PHOENIXNA...)
1 13.228.29.185 16509 (AMAZON-02)
1 172.64.146.152 13335 (CLOUDFLAR...)
18 54.145.238.124 14618 (AMAZON-AES)
4 207.65.33.76 62713 (AS-PUBMATIC)
1 104.18.25.18 13335 (CLOUDFLAR...)
2 2 15.197.193.217 16509 (AMAZON-02)
1 2 35.80.198.87 16509 (AMAZON-02)
1 150.171.27.10 8075 (MICROSOFT...)
1 1 183.177.68.211 10310 (YAHOO-1)
1 207.65.37.182 62713 (AS-PUBMATIC)
2 2 82.145.213.8 39832 (NO-OPERA ...)
1 1 151.101.66.58 54113 (FASTLY)
2 2 103.229.10.180 16509 (AMAZON-02)
1 2 151.101.130.49 54113 (FASTLY)
1 2 18.139.27.248 16509 (AMAZON-02)
1 1 98.83.180.91 14618 (AMAZON-AES)
1 35.186.193.173 396982 (GOOGLE-CL...)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 172.104.63.70 63949 (AKAMAI-LI...)
2 2 52.221.253.165 16509 (AMAZON-02)
2 2 172.64.150.63 13335 (CLOUDFLAR...)
2 2 18.139.40.15 16509 (AMAZON-02)
1 34.111.79.67 396982 (GOOGLE-CL...)
4 182.161.73.164 55569 (CRITEO-AS...)
1 1 142.250.204.2 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS ...)
1 1 74.119.117.16 19750 (AS-CRITEO)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 1 198.8.71.131 54312 (ROCKETFUEL)
1 220.150.223.50 4686 (BEKKOAME ...)
463 116
72    151.101.193.111 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.theguardian.com
assets.guim.co.uk
i.guim.co.uk
uploads.guim.co.uk
sourcepoint.theguardian.com
static.guim.co.uk
27    151.101.1.111 (San Francisco, United States)

ASN54113 (FASTLY, US)
assets.guim.co.uk
sourcepoint.theguardian.com
contributions.guardianapis.com
api.nextgen.guardianapps.co.uk
interactive.guim.co.uk
22    176.34.135.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
ophan.theguardian.com
1    142.250.189.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lax31s16-in-f14.1e100.net
www3.doubleclick.net
1    142.250.66.238 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net
marketingplatform.google.com
6    104.18.43.90 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
4    18.67.93.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-39.syd62.r.cloudfront.net
sb.scorecardresearch.com
1    184.31.253.201 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-253-201.deploy.static.akamaitechnologies.com
a.teads.tv
5    108.158.21.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-92.syd62.r.cloudfront.net
c.amazon-adsystem.com
4    13.35.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-41.syd1.r.cloudfront.net
au-script.dotmetrics.net
13    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f34.1e100.net
securepubads.g.doubleclick.net
ep1.adtrafficquality.google
3    52.63.22.212 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-22-212.ap-southeast-2.compute.amazonaws.com
secure-dcr.imrworldwide.com
secure-au.imrworldwide.com
4    108.158.32.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-77.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
1    142.250.70.162 (United States)

ASN15169 (GOOGLE, US)
PTR: mel04s02-in-f2.1e100.net
www.googleadservices.com
1    104.17.109.19 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    18.65.244.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-102.syd3.r.cloudfront.net
cdn.adsafeprotected.com
2    104.26.1.90 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
4    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    23.221.133.105 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-133-105.deploy.static.akamaitechnologies.com
at.teads.tv
1    3.175.115.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-175-115-46.syd3.r.cloudfront.net
config.aps.amazon-adsystem.com
1    3.175.115.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-175-115-111.syd3.r.cloudfront.net
rm-script.dotmetrics.net
1    23.201.142.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-142-89.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    172.66.169.55 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
1    142.250.76.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
googleads.g.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
4    103.43.91.58 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    151.101.129.111 (San Francisco, United States)

ASN54113 (FASTLY, US)
assets.guim.co.uk
14    54.253.228.139 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    74.119.117.47 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    108.158.27.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-27-219.syd3.r.cloudfront.net
aax.amazon-adsystem.com
2    172.217.24.36 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f4.1e100.net
www.google.com
1    142.250.70.227 (United States)

ASN15169 (GOOGLE, US)
PTR: mel05s02-in-f3.1e100.net
www.google.com.au
1    3.175.115.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-175-115-80.syd3.r.cloudfront.net
secure-gl.imrworldwide.com
1    108.158.32.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-13.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
1    54.66.219.11 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-219-11.ap-southeast-2.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    18.67.93.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-31.syd62.r.cloudfront.net
5rtywxprhxhrhqdhccp8lierawsel1754966675.nuid.imrworldwide.com
1    57.129.92.143 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
lbs.eu-1-id5-sync.com
2    57.129.85.132 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3249663.ip-57-129-85.eu
lb.eu-1-id5-sync.com
1    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
pubads.g.doubleclick.net
17    98.82.156.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-207.compute-1.amazonaws.com
s.amazon-adsystem.com
2    15.197.196.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae69789f15ba8a942.awsglobalaccelerator.com
direct.adsrvr.org
2    35.227.252.103 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    3.0.107.214 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
2    104.18.27.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    74.119.117.12 (United States)

ASN19750 (AS-CRITEO, US)
grid-bidder.criteo.com
4    74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    135.125.146.86 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip86.ip-135-125-146.eu
d0.eu-3-id5-sync.com
1    135.125.146.82 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-135-125-146.eu
d1.eu-3-id5-sync.com
2    51.195.34.255 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip255.ip-51-195-34.eu
d2.eu-3-id5-sync.com
d4.eu-3-id5-sync.com
1    51.195.115.36 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip36.ip-51-195-115.eu
d3.eu-3-id5-sync.com
2    135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu
d5.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
2    51.195.127.100 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-51-195-127.eu
d6.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
1    135.125.145.78 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip78.ip-135-125-145.eu
d7.eu-3-id5-sync.com
1    51.195.34.220 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip220.ip-51-195-34.eu
d0.eu-4-id5-sync.com
1    51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu
d1.eu-4-id5-sync.com
1    51.195.73.74 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip74.ip-51-195-73.eu
d2.eu-4-id5-sync.com
1    51.195.73.71 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip71.ip-51-195-73.eu
d4.eu-4-id5-sync.com
1    51.195.127.115 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip115.ip-51-195-127.eu
d6.eu-4-id5-sync.com
1    51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu
d7.eu-4-id5-sync.com
22    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    184.31.252.83 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-252-83.deploy.static.akamaitechnologies.com
cs.media.net
2    13.213.133.6 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-133-6.ap-southeast-1.compute.amazonaws.com
rtb.gumgum.com
7    104.18.26.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    2.18.225.41 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-225-41.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.16.56.62 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
s.seedtag.com
11    57.183.43.40 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
ms-cookie-sync.presage.io
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
1    23.105.12.117 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
7    103.43.90.117 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
8    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
4    67.199.150.81 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    23.106.50.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
sync.smartadserver.com
rtb-csync.smartadserver.com
6    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.outbrain.com
2    172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f1.1e100.net
c88f4970dc9a2ab19d8dca443dcb3d76.safeframe.googlesyndication.com
ep2.adtrafficquality.google
16    142.250.70.194 (United States)

ASN15169 (GOOGLE, US)
PTR: mel05s01-in-f2.1e100.net
cm.g.doubleclick.net
3    108.158.32.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-12.syd3.r.cloudfront.net
cr-p3.ladsp.com
cr-p10.ladsp.com
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    13.236.64.28 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-236-64-28.ap-southeast-2.compute.amazonaws.com
ad.turn.com
3    18.206.26.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-26-127.compute-1.amazonaws.com
i.liadm.com
1    47.253.61.56 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gw-iad-bid.ymmobi.com
1    23.46.179.211 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-179-211.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
13    54.179.195.13 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
usersync.gumgum.com
7    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
1    64.38.119.43 (United States)

ASN18568 (BIDTELLECT, US)
bttrack.com
3    3.209.134.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-134-128.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    54.254.230.57 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-230-57.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    3.221.117.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-117-8.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync.smartadserver.com
5    185.84.60.20 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
1    124.146.153.164 (Tokyo, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    184.27.43.153 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-43-153.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    184.31.253.153 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-253-153.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net
ep2.adtrafficquality.google
1    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    162.55.236.224 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
5    54.251.212.141 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-212-141.ap-southeast-1.compute.amazonaws.com
sync.1rx.io
2    46.137.251.248 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-251-248.ap-southeast-1.compute.amazonaws.com
sync.targeting.unrulymedia.com
1    35.213.23.231 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 231.23.213.35.bc.googleusercontent.com
r.bidswitch.net
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    204.62.12.186 (Clifton, United States)

ASN46636 (NATCOWEB, US)
sync.clearnview.com
2    34.124.209.251 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
1    216.200.232.249 (United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
15    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    44.239.208.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-208-182.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
9    95.173.218.112 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-95-173-218-112.datapacket.com
uipglob.semasio.net
sg.semasio.net
2    95.173.218.100 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-95-173-218-100.datapacket.com
sa.semasio.net
2    37.157.6.237 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
track.adform.net
7    67.199.150.86 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
12    142.250.66.194 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
pagead2.googlesyndication.com
2    44.231.225.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-225-73.us-west-2.compute.amazonaws.com
protected-by.clarium.io
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
4    18.181.159.21 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-159-21.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    108.158.20.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-123.syd62.r.cloudfront.net
aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com
4    18.244.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-42.sfo53.r.cloudfront.net
static.adsafeprotected.com
2    150.171.22.12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    131.153.206.101 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sync.a-mo.net
1    13.228.29.185 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    172.64.146.152 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
18    54.145.238.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-238-124.compute-1.amazonaws.com
dt.adsafeprotected.com
4    207.65.33.76 (Singapore)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    104.18.25.18 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.80.198.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-198-87.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    183.177.68.211 (Sydney, Australia)

ASN10310 (YAHOO-1, US)
PTR: e2-ha.ycpi.aue.yahoo.com
ups.analytics.yahoo.com
1    207.65.37.182 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    82.145.213.8 (Amsterdam, Netherlands)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    151.101.66.58 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.temu.com
2    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    151.101.130.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.139.27.248 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-27-248.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    98.83.180.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-83-180-91.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
1    35.186.193.173 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    172.104.63.70 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-63-70.ip.linodeusercontent.com
gocm.c.appier.net
2    52.221.253.165 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-253-165.ap-southeast-1.compute.amazonaws.com
pubmatic-match.dotomi.com
2    172.64.150.63 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    18.139.40.15 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-40-15.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
1    34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com
odr.mookie1.com
4    182.161.73.164 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
1    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
cm.g.doubleclick.net
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS IPROM d.o.o, SI)
core.iprom.net
1    74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
widget.as.criteo.com
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
Apex Domain
Subdomains		 Transfer
79 guim.co.uk
assets.guim.co.uk — Cisco Umbrella Rank: 24735
i.guim.co.uk — Cisco Umbrella Rank: 19474
uploads.guim.co.uk — Cisco Umbrella Rank: 82702
static.guim.co.uk — Cisco Umbrella Rank: 42099
interactive.guim.co.uk — Cisco Umbrella Rank: 29125
785 KB
38 pubmatic.com
aud.pubmatic.com Failed
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 583 Failed
ads.pubmatic.com — Cisco Umbrella Rank: 629
image6.pubmatic.com — Cisco Umbrella Rank: 782
simage2.pubmatic.com — Cisco Umbrella Rank: 999
image2.pubmatic.com — Cisco Umbrella Rank: 970
simage4.pubmatic.com — Cisco Umbrella Rank: 2592
image4.pubmatic.com — Cisco Umbrella Rank: 1342
67 KB
37 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 5398
pixel.adsafeprotected.com — Cisco Umbrella Rank: 810
static.adsafeprotected.com — Cisco Umbrella Rank: 796
dt.adsafeprotected.com — Cisco Umbrella Rank: 665
152 KB
36 theguardian.com
www.theguardian.com — Cisco Umbrella Rank: 10915
ophan.theguardian.com — Cisco Umbrella Rank: 21086
sourcepoint.theguardian.com — Cisco Umbrella Rank: 26280
232 KB
32 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 603
pixel.rubiconproject.com — Cisco Umbrella Rank: 440
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1119
eus.rubiconproject.com — Cisco Umbrella Rank: 696
token.rubiconproject.com — Cisco Umbrella Rank: 562
54 KB
31 doubleclick.net
www3.doubleclick.net — Cisco Umbrella Rank: 10230
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 265
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
pubads.g.doubleclick.net — Cisco Umbrella Rank: 496
cm.g.doubleclick.net — Cisco Umbrella Rank: 302
285 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 839
aax.amazon-adsystem.com — Cisco Umbrella Rank: 556
s.amazon-adsystem.com — Cisco Umbrella Rank: 369
aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com — Cisco Umbrella Rank: 21357
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1153
132 KB
17 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 1140
match.adsrvr.org — Cisco Umbrella Rank: 400
11 KB
15 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1344
usersync.gumgum.com — Cisco Umbrella Rank: 1742
5 KB
13 googlesyndication.com
c88f4970dc9a2ab19d8dca443dcb3d76.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 141
92 KB
12 criteo.com
grid-bidder.criteo.com — Cisco Umbrella Rank: 1135
gum.criteo.com — Cisco Umbrella Rank: 490
ssp-sync.criteo.com — Cisco Umbrella Rank: 951
dis.criteo.com — Cisco Umbrella Rank: 837
widget.as.criteo.com — Cisco Umbrella Rank: 52037
17 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 292
secure.adnxs.com — Cisco Umbrella Rank: 564
25 KB
11 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1449
sg.semasio.net — Cisco Umbrella Rank: 4372
sa.semasio.net — Cisco Umbrella Rank: 77905
6 KB
11 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 1133
5 KB
11 imrworldwide.com
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 6438
secure-au.imrworldwide.com — Cisco Umbrella Rank: 62563
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4890
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2575
5rtywxprhxhrhqdhccp8lierawsel1754966675.nuid.imrworldwide.com
96 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 670
eb2.3lift.com — Cisco Umbrella Rank: 506
7 KB
9 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8717
sync.smartadserver.com — Cisco Umbrella Rank: 1218
ssbsync.smartadserver.com — Cisco Umbrella Rank: 776
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 756
4 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 596
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 620
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 671
18 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 593
u.openx.net — Cisco Umbrella Rank: 807
us-u.openx.net — Cisco Umbrella Rank: 569
jp-u.openx.net — Cisco Umbrella Rank: 18204
3 KB
9 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3834
api.permutive.com — Cisco Umbrella Rank: 2799
339 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 417
r.bidswitch.net — Cisco Umbrella Rank: 7338
2 KB
8 eu-4-id5-sync.com
d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 54589
d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 54101
d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 54684
d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 54580
d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 54427
d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 54527
d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 54880
d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 54642
1 KB
8 eu-3-id5-sync.com
d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 55091
d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 55027
d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 54575
d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 54754
d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 55194
d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 54720
d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 54955
d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 55104
1 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 753
track.adform.net — Cisco Umbrella Rank: 5140
4 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 513
1 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 765
4 KB
6 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1622
367 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 577
2 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 734
pbs.yahoo.com Failed
ups.analytics.yahoo.com — Cisco Umbrella Rank: 613
2 KB
5 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 404
ep2.adtrafficquality.google — Cisco Umbrella Rank: 435
26 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 566
cdn.id5-sync.com — Cisco Umbrella Rank: 918
35 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 58842
rm-script.dotmetrics.net — Cisco Umbrella Rank: 7157
35 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 700
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 260
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 883
2 KB
4 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1184
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 157
8 KB
4 guardianapis.com
contributions.guardianapis.com — Cisco Umbrella Rank: 26950
3 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 705
2 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 623
624 B
3 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 22753
cr-p10.ladsp.com — Cisco Umbrella Rank: 25234
1 KB
3 outbrain.com
b1sync.outbrain.com — Cisco Umbrella Rank: 821
2 KB
3 eu-1-id5-sync.com
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1258
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1002
931 B
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2841
collector.brandmetrics.com — Cisco Umbrella Rank: 2939
22 KB
3 google.com
marketingplatform.google.com — Cisco Umbrella Rank: 10333
www.google.com — Cisco Umbrella Rank: 5
631 B
3 guardianapps.co.uk
api.nextgen.guardianapps.co.uk — Cisco Umbrella Rank: 25284
8 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2075
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1352
s.tribalfusion.com — Cisco Umbrella Rank: 2820
1011 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4722
706 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 920
861 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 885
702 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 939
725 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 986
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 334
904 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 858
857 B
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1325
487 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 905
1 KB
2 rlcdn.com
id.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 565
837 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1303
814 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1098
693 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 771
2 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1031
83 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 994
958 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1747
at.teads.tv — Cisco Umbrella Rank: 6294
4 KB
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 11305
243 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 931
793 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7787
278 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1347
204 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 3405
590 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 23876
652 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6231
373 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 8357
344 B
1 temu.com
www.temu.com — Cisco Umbrella Rank: 726
526 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 165
689 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 779
2 KB
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1013
293 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 652
324 B
1 a-mo.net
sync.a-mo.net — Cisco Umbrella Rank: 1638
720 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1455
667 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 942
570 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1163
947 B
1 clearnview.com
sync.clearnview.com — Cisco Umbrella Rank: 2183
406 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2523
828 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1043
305 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 687
698 B
1 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 2482
419 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 927
583 B
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 22127
64 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1003
13 KB
1 prmutv.co
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co — Cisco Umbrella Rank: 54558
389 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1378
22 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
23 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 cloudflare.com Failed
cdnjs.cloudflare.com Failed
0 loopme.me Failed
csync.loopme.me Failed
463 96
Domain Requested by
60 assets.guim.co.uk www.theguardian.com
assets.guim.co.uk
22 ophan.theguardian.com assets.guim.co.uk
18 dt.adsafeprotected.com
17 cm.g.doubleclick.net 11 redirects u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
eb2.3lift.com
17 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
s.seedtag.com
u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
ms-cookie-sync.presage.io
ads.pubmatic.com
15 simage2.pubmatic.com ads.pubmatic.com
15 match.adsrvr.org 15 redirects
15 pixel.rubiconproject.com 10 redirects rtb.gumgum.com
14 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.theguardian.com
13 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
13 i.guim.co.uk www.theguardian.com
12 pagead2.googlesyndication.com www.theguardian.com
ep2.adtrafficquality.google
pagead2.googlesyndication.com
11 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
ssbsync.smartadserver.com
ads.pubmatic.com
11 securepubads.g.doubleclick.net assets.guim.co.uk
securepubads.g.doubleclick.net
www.theguardian.com
pagead2.googlesyndication.com
10 ib.adnxs.com 6 redirects cdn.permutive.com
assets.guim.co.uk
rtb.gumgum.com
10 sourcepoint.theguardian.com assets.guim.co.uk
sourcepoint.theguardian.com
8 eb2.3lift.com 3 redirects assets.guim.co.uk
eb2.3lift.com
8 api.permutive.com cdn.permutive.com
7 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
7 x.bidswitch.net 7 redirects
6 pixel.tapad.com 4 redirects rtb.gumgum.com
6 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
ms-cookie-sync.presage.io
assets.guim.co.uk
6 b1sync.zemanta.com 6 redirects
6 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ms-cookie-sync.presage.io
ads.pubmatic.com
assets.guim.co.uk
6 cdn.confiant-integrations.net assets.guim.co.uk
cdn.confiant-integrations.net
aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com
5 uipglob.semasio.net 4 redirects
5 sync.1rx.io 5 redirects
5 creativecdn.com 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 cdn-gl.imrworldwide.com secure-dcr.imrworldwide.com
cdn-gl.imrworldwide.com
5 c.amazon-adsystem.com assets.guim.co.uk
c.amazon-adsystem.com
www.theguardian.com
4 ssp-sync.criteo.com
4 simage4.pubmatic.com ads.pubmatic.com
4 static.adsafeprotected.com www.theguardian.com
4 match.prod.bidr.io 4 redirects
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 sg.semasio.net 4 redirects
4 dpm.demdex.net 2 redirects s.amazon-adsystem.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 ad.turn.com 4 redirects
4 us-u.openx.net 1 redirects u.openx.net
4 image6.pubmatic.com ads.pubmatic.com
4 s.seedtag.com s.amazon-adsystem.com
s.seedtag.com
4 gum.criteo.com static.criteo.net
gum.criteo.com
assets.guim.co.uk
4 id5-sync.com assets.guim.co.uk
cdn.id5-sync.com
4 au-script.dotmetrics.net assets.guim.co.uk
au-script.dotmetrics.net
4 sb.scorecardresearch.com 2 redirects
4 contributions.guardianapis.com assets.guim.co.uk
4 www.theguardian.com 1 redirects assets.guim.co.uk
3 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
3 sync.srv.stackadapt.com 3 redirects
3 i.liadm.com ssum-sec.casalemedia.com
eb2.3lift.com
3 b1sync.outbrain.com 3 redirects
3 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
3 interactive.guim.co.uk
3 secure-dcr.imrworldwide.com assets.guim.co.uk
3 api.nextgen.guardianapps.co.uk assets.guim.co.uk
2 cm.adgrx.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 sync.crwdcntrl.net 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 t.adx.opera.com 2 redirects
2 px.ads.linkedin.com rtb.gumgum.com
eb2.3lift.com
2 aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com www.theguardian.com
2 cs.admanmedia.com 2 redirects
2 protected-by.clarium.io www.theguardian.com
2 track.adform.net 2 redirects
2 sa.semasio.net 2 redirects
2 idsync.rlcdn.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.richaudience.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects ms-cookie-sync.presage.io
2 bh.contextweb.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 secure.adnxs.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 ep1.adtrafficquality.google securepubads.g.doubleclick.net
2 sync.smartadserver.com 1 redirects s.seedtag.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 grid-bidder.criteo.com assets.guim.co.uk
2 fastlane.rubiconproject.com assets.guim.co.uk
2 htlb.casalemedia.com assets.guim.co.uk
2 tlx.3lift.com assets.guim.co.uk
2 rtb.openx.net assets.guim.co.uk
2 direct.adsrvr.org assets.guim.co.uk
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
assets.guim.co.uk
2 www.google.com ep2.adtrafficquality.google
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 cdn.brandmetrics.com assets.guim.co.uk
cdn.brandmetrics.com
2 uploads.guim.co.uk srcdoc
www.theguardian.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 widget.as.criteo.com 1 redirects
1 dis.criteo.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 odr.mookie1.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 cr-p10.ladsp.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 www.temu.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 c.bing.com eb2.3lift.com
1 js-sec.indexww.com assets.guim.co.uk
1 capi.connatix.com rtb.gumgum.com
1 match.sharethrough.com rtb.gumgum.com
1 sync.a-mo.net rtb.gumgum.com
1 aax-eu.amazon-adsystem.com rtb.gumgum.com
1 s.company-target.com 1 redirects
1 pippio.com s.amazon-adsystem.com
1 sync.mathtag.com 1 redirects
1 sync.clearnview.com ms-cookie-sync.presage.io
1 r.bidswitch.net 1 redirects
1 tg.socdm.com 1 redirects
1 bttrack.com rtb.gumgum.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 gw-iad-bid.ymmobi.com 1 redirects
1 jp-u.openx.net u.openx.net
1 c88f4970dc9a2ab19d8dca443dcb3d76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ssbsync-us.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 d7.eu-4-id5-sync.com cdn.id5-sync.com
1 d6.eu-4-id5-sync.com cdn.id5-sync.com
1 d5.eu-4-id5-sync.com cdn.id5-sync.com
1 d4.eu-4-id5-sync.com cdn.id5-sync.com
1 d3.eu-4-id5-sync.com cdn.id5-sync.com
1 d2.eu-4-id5-sync.com cdn.id5-sync.com
1 d1.eu-4-id5-sync.com cdn.id5-sync.com
1 d0.eu-4-id5-sync.com cdn.id5-sync.com
1 d7.eu-3-id5-sync.com cdn.id5-sync.com
1 d6.eu-3-id5-sync.com cdn.id5-sync.com
1 d5.eu-3-id5-sync.com cdn.id5-sync.com
1 d4.eu-3-id5-sync.com cdn.id5-sync.com
1 d3.eu-3-id5-sync.com cdn.id5-sync.com
1 d2.eu-3-id5-sync.com cdn.id5-sync.com
1 d1.eu-3-id5-sync.com cdn.id5-sync.com
1 d0.eu-3-id5-sync.com cdn.id5-sync.com
1 hbopenbid.pubmatic.com assets.guim.co.uk
1 pubads.g.doubleclick.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 5rtywxprhxhrhqdhccp8lierawsel1754966675.nuid.imrworldwide.com
1 secure-gl.imrworldwide.com secure-au.imrworldwide.com
1 www.google.com.au
1 static.criteo.net securepubads.g.doubleclick.net
1 d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co cdn.permutive.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 cdn.id5-sync.com www.theguardian.com
1 secure.cdn.fastclick.net www.theguardian.com
1 rm-script.dotmetrics.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 at.teads.tv a.teads.tv
1 cdn.adsafeprotected.com assets.guim.co.uk
1 cdn.permutive.com assets.guim.co.uk
1 www.googleadservices.com assets.guim.co.uk
1 secure-au.imrworldwide.com 1 redirects
1 a.teads.tv assets.guim.co.uk
1 marketingplatform.google.com
1 www3.doubleclick.net 1 redirects
1 static.guim.co.uk
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 pbs.yahoo.com Failed eb2.3lift.com
0 cdnjs.cloudflare.com Failed www.theguardian.com
0 id.rlcdn.com Failed ms-cookie-sync.presage.io
0 csync.loopme.me Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 aud.pubmatic.com Failed
463 177
Subject Issuer Validity Valid
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-09-16 -
2025-10-18		 a year crt.sh
ophan.theguardian.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-30		 a year crt.sh
confiant-integrations.net
WE1		 2025-07-01 -
2025-09-29		 3 months crt.sh
teads.tv
R10		 2025-07-29 -
2025-10-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2025-06-22 -
2026-07-20		 a year crt.sh
*.g.doubleclick.net
WE2		 2025-07-07 -
2025-09-29		 3 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2025-01-06 -
2026-02-07		 a year crt.sh
*.googleadservices.com
WR2		 2025-07-07 -
2025-09-29		 3 months crt.sh
permutive.com
WE1		 2025-07-19 -
2025-10-17		 3 months crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M02		 2025-03-21 -
2026-04-18		 a year crt.sh
brandmetrics.com
WE1		 2025-06-16 -
2025-09-14		 3 months crt.sh
id5-sync.com
E5		 2025-07-01 -
2025-09-29		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
secure.cdn.fastclick.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-06-08 -
2026-06-09		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2025-05-11 -
2026-06-11		 a year crt.sh
*.prmutv.co
E6		 2025-07-28 -
2025-10-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2025-02-21 -
2026-03-23		 a year crt.sh
api.permutive.com
R11		 2025-06-18 -
2025-09-16		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2025-01-29 -
2026-02-28		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-06-12 -
2025-09-04		 3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-29		 a year crt.sh
*.google.com
WE2		 2025-07-07 -
2025-09-29		 3 months crt.sh
*.google.com.au
WR2		 2025-07-07 -
2025-09-29		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M03		 2025-04-23 -
2026-05-23		 a year crt.sh
eu-1-id5-sync.com
R11		 2025-07-01 -
2025-09-29		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-07-02 -
2026-06-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-19 -
2026-04-02		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M03		 2025-02-11 -
2026-03-12		 a year crt.sh
casalemedia.com
E6		 2025-08-04 -
2025-11-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-04 -
2026-04-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-06-25 -
2025-09-25		 3 months crt.sh
eu-3-id5-sync.com
E6		 2025-07-01 -
2025-09-29		 3 months crt.sh
eu-4-id5-sync.com
E5		 2025-07-01 -
2025-09-29		 3 months crt.sh
ad-exchange.k8s.sp.ggops.com
Amazon RSA 2048 M02		 2025-03-17 -
2026-04-15		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 a year crt.sh
seedtag.com
WE1		 2025-07-27 -
2025-10-25		 3 months crt.sh
*.prod.cloud.ogury.io
E5		 2025-07-30 -
2025-10-28		 3 months crt.sh
adtrafficquality.google
WE2		 2025-07-07 -
2025-09-29		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2025-07-01 -
2026-07-29		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-12-25 -
2026-01-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2024-12-06 -
2026-01-07		 a year crt.sh
*.ad-server.k8s.sp.ggops.com
Amazon RSA 2048 M03		 2025-04-25 -
2026-05-24		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-09 -
2026-02-09		 a year crt.sh
clearnview.com
Go Daddy Secure Certificate Authority - G2		 2025-01-15 -
2025-10-07		 9 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-03 -
2025-09-24		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2025-07-01 -
2025-12-24		 6 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02		 2024-10-17 -
2025-11-16		 a year crt.sh
aax-events-cell02-wt.ap-southeast.aps.axp.amazon-adsystem.com
Amazon RSA 2048 M02		 2025-06-06 -
2026-07-05		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M04		 2025-03-26 -
2026-04-25		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-07-02 -
2026-06-29		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03		 2025-03-09 -
2026-04-07		 a year crt.sh
indexww.com
WE1		 2025-07-24 -
2025-10-22		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2025-03-16 -
2025-09-16		 6 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 07		 2025-06-12 -
2025-12-09		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-04-16 -
2026-05-18		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-07-15 -
2026-08-15		 a year crt.sh
*.iprom.net
R10		 2025-07-14 -
2025-10-12		 3 months crt.sh
sync-dsp.ad-m.asia
R10		 2025-06-10 -
2025-09-08		 3 months crt.sh

This page contains 82 frames:

Primary Page: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Frame ID: 9DF4C3855D4030B8839E7D13B28D8E56
Requests: 243 HTTP requests in this frame

Frame: https://uploads.guim.co.uk/2025/01/21/article-button.js
Frame ID: 9CC3C44F11B37B4FD397803ABA5CC6C5
Requests: 1 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1
Frame ID: C875FB7A3553AEBA6469345237EF30B4
Requests: 8 HTTP requests in this frame

Frame: blob://https://www.theguardian.com/ab79135a-6ed8-45c3-a0e9-e03ddf38b4cf
Frame ID: FE48C225229EF583F273F7247B0B6A50
Requests: 1 HTTP requests in this frame

Frame: https://assets.guim.co.uk/commercial/tpc-test/v2/index.html
Frame ID: D7AF073A6FD23ED7B4F05C6E2807F66C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: EE10A0BEAE024D9512C9F618170F0D00
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: C9108F14AFE375DC7CE16DA1B3B561CD
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: F8BD0C52AAA92892C50F7206F12F4CD6
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: 869AE3922288F8364C3551878EACF306
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theguardian.com
Frame ID: 82F4F4326E6CF518F8580AEDABD25A2E
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 74AD583F14A92F0B51EE384BADCC35DF
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: B4A38C683BC2F40735D6C39CA53BD53A
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 1B6ADB253CE4B4BC4C3CCEE4A7BCF9BF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Frame ID: 69F9351295A1FE6FBC100B0B9A02F0EA
Requests: 9 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Frame ID: 0CCAF76A329C5C79A6855C26534AEA0B
Requests: 6 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Frame ID: 7E52D4050A875DC0A9764864865506EA
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 71766DE140999DD6219E827539A69A92
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2652666511089198083&gdpr=0&gdpr_consent=
Frame ID: 536510A5D7D0B15A7A20BF9126B83C5F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2024682871925848210&ex=appnexus.com
Frame ID: 9B0BBF715731E5043B4BB37A4066CB09
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3873605382230314334603
Frame ID: AC177C81A3D9BEDA597C7F52F3EA9F28
Requests: 1 HTTP requests in this frame

Frame: https://c88f4970dc9a2ab19d8dca443dcb3d76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 2AA86A963F18B89DD422741813475B44
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=7306458255467672195&gdpr=&gdpr_consent=
Frame ID: 508EA1513D053D8E0B9A857149B4E81C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82OTg5MDljYi1hN2Y3LTQ1N2EtOTk2Yy02OGUzZGJhYTc5Mzc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 82254657317D8036750838A643D7E0B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9B88ABCE9EFE323622613995275AAB8D
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=565444fc-936b-4bea-a1c5-16544feb0ae6
Frame ID: 326C620A0D5975DCEB5211E793C1F2EA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=aJqqlsCo8IsAANdyKVUAAAAA
Frame ID: F1AFB7BB02D13102AF1F595F8004D3E3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RMp9tPL9zKVDVMZmR0GOvToZJhI8XwBlYjCDHMEtCY0&pi=gumgum&tc=1
Frame ID: 3DE5864C09669217598D1434BC49B399
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8BA7C95025B14516F4CE7BE442B29871
Requests: 20 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 6FE388F9AECC1ED24055458F97C73B57
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 931259833FDE9D56E9E97B16E1086372
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Frame ID: 932BD54CC953BDD5A66AF756A8665E64
Requests: 6 HTTP requests in this frame

Frame: https://sync.clearnview.com/sync.html?gdpr=0&gdpr_consent=&pubid=14&redirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fbrave_id%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: A5311A8F740482EB8DA72FD012DBB139
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
Frame ID: F596EE8F3927A9B7CC30340351C250E1
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=
Frame ID: B7D63ED9582F9FC11B7FD703B819DC34
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: EDCEC4FDCA06D3146E1FC94838388CDF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:78aa689a-aa96-4d00-aee7-8042970cc38b&gdpr=0&gdpr_consent=
Frame ID: D0425C887D98B1CC8259EE8B5D549A9A
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: BFB1606D991AA60E6A541990CFCC222B
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
Frame ID: 59E249D52F9551B5E2A4B08E62D65BAE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3D%26pubmatic_id%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 505B4C6C6480AD1AA5C09B2745D7E9F5
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1cDctGKXv_2_S_xFtqFYH_lVvn59DDWIVMPazPq8SCJFldeKCN1K4q4-SB1LCb_B-xqNDGola66wpZtnCSvx3Xvgc3qye41BBEK0De878kYo4vSfrwxtAmt4j4soHkJPIYd_gdkZzKva1mVjObS9r89WPE4-tsA3dyrVcXn0icub63miR8v7sASbHEM_TbgMA1Ic9kDNqn_gI42rV-_QdcMN_pcvPhUEz8W7x78TLpUNdXktOxiP2UmVaIqprDmfl6JKDWD-u_i7GoaJ5R9EihSCiLP2eQ7w1Mnjde9tfe61uxUX1rFN2oM2pdD-wSjRbywBWgwEkEUh7Mja5EYSn2l92GEC_srRYc_rig7E_Sm2QJ7eVGd-SLsZdfh69I4H8PcWVPkS56-ImJodvihpM-M0PUYnkSSq5QPNcvSVD7SCgrI2i1AYuqlM15UX7Py8wiFZtbNcZLCsi7dahnTr6LKJ_DOg_&sai=AMfl-YRXt6d3q9-kH56CBveWBn882QysQjzfv8m2GlGQESlMvJuOJqKe-5GMQnMYsKEYUzlMjNE8nhPriPCI0O5V46iqo0bE-234SyV9xJrjDMcHfrBRZ9ZjTKHGQYodbzBnElcdeMKrSe52egGGxsdABd4F7Rwo_bP2QLAEn4bGp4-cwbEM9L0NgHZnZHEGptkMYmSVno70lwPjycjBCtyBYUvS96ftdY9nUsNtvXviRhyew1kRZLGfx7csibS4ygMiDQ0&sig=Cg0ArKJSzNHyW65Ur9pLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 75C9FBF734ADC629B9ED32E8BB4BD1DF
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10249&campId=970x250&pubId=4751525411&chanId=85574607&placementId=5317866223&pubCreative=138304903415&pubOrder=2673569684&custom=article&custom2=top-above-nav&custom3=au&adsafe_par&impId=48282be1-7726-11f0-8f66-8ae1a1b3060b
Frame ID: E745056FE489428488E83C9A801AE53F
Requests: 2 HTTP requests in this frame

Frame: https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/admi?b=JO_-tvRtlkf3T1SbyIgAyDkAAAGYnCpQjQUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAeyXa7&rnd=4237970649641754966677915&pp=1i9kpog&p=3f54ao&crid=2307:uoaob3qf&ep=%7B%22ce%22%3A%221%22%7D
Frame ID: 61FB664E0B058D4DCDB46861C7344C73
Requests: 3 HTTP requests in this frame

Frame: blob://https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/f7bf47d5-09c1-49a8-af57-4156e3348d9c
Frame ID: 7EF212CBA648F328998DE0CED1D37593
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 9D33CE51AB2F8064BBAE649733DCA738
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQiNDtGOsbTUexHlM7mlnX6simCQ4xT_j6OBIy5D6SB56E6UCT8ab3ikkP7m6HfZrIbE1EIFqF63Cc_bPnqONTvOf3dcZR7M7PYOOmN1VPAama1TOpXnIagvrt4BPKTPAYd2rriE90KSby1CNDk60d20dqIlYdsU1KvN8vbOfZbw8AMc3kRoYQhDRdZbR9cxFPgZ47b0QaEfQglvFov034j7uxstgslkhMR5bz_HyY-c9RfjMP6IG5LoLZ-JjLM_jRMFJr6-YVoHRq03AEy4VicnLa2DTmdQEuMxPjk3fsbxnpuAcgiVwdAiod5i_rIlLrlqZjPmwRH_AeQS9U0-tTtd9f7XIC8ca29VEVwwRIii5ZZC9PJMlZvHLSt3yHyfHDQtzomZ99NS_HcPv96PH0iSgP1eRlOF-fdvaSSkpj448l-BkVDqG1UGuzfkJzM2sV7WcF4s78sQCJx8PNPawbyPtIl8o5&sai=AMfl-YTsgscBREeiGRvBQEbQWyJPyTImoFcZnxA3tcUMHGQj5W9Ca5DpJIA7_ziMznAiq91Vcs4OEnfFguLRs0C8dHxZNpSBBKudpyQro4rhCI9XEqMBg1eCaOwN93bhN82T7z7E0mHjDrjHoWF9k5995kQ5SYbrSRDNcd3M9UE5xl2hIXn5OZq1932KMuCFVMNL8HCYaAHmvgewTl963oVx67bAB68ke3XG76oQDe_G4eULYaRwmcCs1zWD7rVohTYg4uw&sig=Cg0ArKJSzFQ56FzNZzAGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3947569A815DD26E70A20BBC49E3CB13
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10249&campId=300x600&pubId=4751525411&chanId=85574607&placementId=5317872706&pubCreative=138304903547&pubOrder=2673903274&custom=article&custom2=right&custom3=au&adsafe_par&impId=4828796b-7726-11f0-953f-f2f32a18cd5b
Frame ID: D732B8C461D9027BAED67CB985966EBD
Requests: 2 HTTP requests in this frame

Frame: https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/admi?b=JDJy1F-IiOhXQfswtbC1lkYAAAGYnCpSjwUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCKdbLL&rnd=1823788331101754966679524&pp=8rfaww&p=3f54ao&crid=2307:krxo1qhn&ep=%7B%22ce%22%3A%221%22%7D
Frame ID: C096701C8EFBBD347DA0829F1DF81B47
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: B18EDF994F1BD62FC85882F4E977EE4B
Requests: 1 HTTP requests in this frame

Frame: blob://https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/b335e058-f596-4b9c-b59a-55c56330eef8
Frame ID: 297DAC068E92C2B8E418030EFC7913A5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: ADA3C2F1C9F3833FF2CA7CEF9C4C7092
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9AB42D01BB3C7C394E5DAC74549E0BF8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Frame ID: BC5D8A111C11D90451720AD97E782F36
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.theguardian.com&us_privacy=1YNN&gpp=
Frame ID: 9E97AF566C3DF06D15525F1EA207A3F6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157203&us_privacy=1YNN
Frame ID: 0868681F6207FF6539942C8C5DB12D48
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2024682871925848210&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid=
Frame ID: B879C26555D4A02B22F0F81FBCDEE888
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2507349102497968926&gdpr=0&gdpr_consent=&us_privacy=1YNN
Frame ID: 13EEF45B50B02C11283667378BAFBEF2
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i08Em5hE2uUXe3t_EHLn9upDhf4jCBM-~A&gdpr=0&us_privacy=1YNN
Frame ID: BA65E593058FFD9DE85347FE6F30B29C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=UaNahTP864Hmd20IPTIb09P8frnDKwoiBXepoDwxLHg&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid=
Frame ID: 1E8DC160D7DCA5165E24DFEC5401C7DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa4e09c6a5c99430e9885e39477b26271
Frame ID: 767E1E7A0756373D0243BE265F07678E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&us_privacy=1YNN&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DlwQwlkFEJsVAByQDAIEkFpSGMcVB0uVDVGHlW1E
Frame ID: 847553549C162B255CEC8E4872D70D45
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&piggybackCookie=7306458255467672195
Frame ID: B9503343CF4D133CACE9143452A92152
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aJqqmAAAAFIO9wAs
Frame ID: 76F16C5F823147E1104AAE7C87314E66
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75w8CirDUpREm6Je1BvjLLSV5EY&gdpr=0&gdpr_consent=
Frame ID: 667F80143393C7EFDC2B4253337A1D6C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=70ecc19f-2d87-4435-9481-5fea364312e5&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 72317B9B3C7F5D0FD97A614FA81446CB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]&gdpr=0&gdpr_consent=
Frame ID: 603250EDC110E159C45247B59713F973
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1a7zsbgeazgx
Frame ID: C3CB7C90D0BCD1DDE39AC166E8642066
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AQ7uMlPmg6Pfks8AKGbGv3gm9c8AAAGYnCpk7A
Frame ID: 9B6CDB60A27E7944131547BED887CBC0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HegB6AFdDhKsfCWlmaqaaA
Frame ID: 280D15D74A65892BB2565E4E93FA0FDE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQANPCvawtjWZgIXTr01AQEBAQEBAQCZnStmNwEBAQEBAQEB&expiration=1755053081&nuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gpp_sid=&gpp=&is_secure=true&us_privacy=&gdpr_consent=&gdpr=0
Frame ID: 9B1F90245DD118451585D9B599E95318
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw
Frame ID: 8C7F04362371678C37E25A6F35A57A75
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel&gdpr=0&gdpr_consent=
Frame ID: 4DC4B5C29A187ABC91A88264160AE164
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4bb03ae2-7726-11f0-90a3-a3105051549f
Frame ID: C81C39A38327B27B397F29BE7D500521
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 8D04AEFA3B6B7528FE86624EA2B56191
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
Frame ID: 82F9A184321ADD5A0E8E27741B9B9D0B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: DF137DFC89761D5BCD63CC81C91C69CC
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: F2BDCCF3681875E28D59DC8EBE26B7E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Frame ID: E37C8773028A2ABCED08C48720A272C0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054412401938605
Frame ID: 6080A84B1EA0AB9E60D14690CE99EFD4
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 5C1941F1E0FC5D51F463974168952105
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004
Frame ID: 596AFE12787E66D366110B46D71785AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:954CA009A1244071A5C530B1BC3CBAD4&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: B3555FBBD0BFA53F6925D440161A08E3
Requests: 1 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=&pubmatic_id=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
Frame ID: C2CFC6A74B6B33F3C6A1160A91A1AFFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online shoppers warned of ‘dangerous’ weight-loss scam as ‘ghost stores’ impersonate real people to sell Ozempic-like treatments | Scams | The Guardian

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

463
Requests

81 %
HTTPS

0 %
IPv6

96
Domains

177
Subdomains

116
IPs

11
Countries

2865 kB
Transfer

9911 kB
Size

183
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://www3.doubleclick.net/ HTTP 301
  • https://marketingplatform.google.com/about/enterprise/
Request Chain 90
  • https://www.theguardian.com/ HTTP 302
  • https://www.theguardian.com/au
Request Chain 103
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 112
  • https://secure-au.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 136
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_fpcu=5b93acdf5fe74dcc9023b3dc7271727d&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1754966674936&ns_c=UTF-8&cs_cfg=1101110&cs_ucfr=1&comscorekw=australia-news&c7=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c8=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_fpcu=5b93acdf5fe74dcc9023b3dc7271727d&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1754966674936&ns_c=UTF-8&cs_cfg=1101110&cs_ucfr=1&comscorekw=australia-news&c7=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c8=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&c9=
Request Chain 180
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D1643%26segid%3D137631 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D1643%26segid%3D137631&rdf=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=1643&segid=137631
Request Chain 183
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 214
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
Request Chain 215
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3979682772440603000V10
Request Chain 217
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 221
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 222
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2652666511089198083&gdpr=0&gdpr_consent=
Request Chain 223
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2024682871925848210&ex=appnexus.com
Request Chain 224
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3873605382230314334603
Request Chain 228
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=ME7XUHV7-12-IF18
Request Chain 229
  • https://ib.adnxs.com/getuid?https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=$UID&consent=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2024682871925848210&consent=1
Request Chain 230
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Request Chain 231
  • https://b1sync.zemanta.com/usersync/seedtag?puid=01989c2a-567c-77ee-9784-5a1ff84fee43&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://b1sync.outbrain.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&puid=01989c2a-567c-77ee-9784-5a1ff84fee43&s=2&us_privacy= HTTP 302
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&obuid=7d8a73b2-fb18-4a02-bc00-f49e9ebc55ea&puid=01989c2a-567c-77ee-9784-5a1ff84fee43&s=2&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=__ZUID__&gdpr=0
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMhsLxkeZqvTkBCjUCYh8mI&google_cver=1
Request Chain 240
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeOeSquCbKFks8AKGbGv3gm9c8AAAGYnCpX6w
Request Chain 241
  • https://match.adsrvr.org/track/cmf/openx?oxid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2969feb4-c901-4188-9be5-ae61541f3b7e&ttd_puid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0&gdpr_consent=
Request Chain 242
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2507349102497968926&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 243
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=565444fc-936b-4bea-a1c5-16544feb0ae6&expiration=1757558677&gdpr=0&gdpr_consent=
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aJqqlYsFVecADLklAQveKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIQJwvjP3_dSZPL9bBzefFE&google_cver=1
Request Chain 247
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=aW5kZXhleGNoYW5nZQ==&gdpr=&gdpr_consent=&us_privacy=&callback=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D259%26external_user_id%3D%7Bym_user_id%7D%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT%7D%26us_privacy%3D%7BUS_PRIVACY%7D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=259&external_user_id=ym_user_ec497ec5-e18d-4bac-8aa1-37273cd1a351&gdpr=&gdpr_consent=&us_privacy=
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKy0PUrKzEceE8HRBVu4paU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESEKy0PUrKzEceE8HRBVu4paU&google_hm=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
Request Chain 252
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2024682871925848210
Request Chain 253
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_698909cb-a7f7-457a-996c-68e3dbaa7937&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=gumgum2
Request Chain 254
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f55bfe62-8a9c-4b08-bc37-9867fb8c2ff6
Request Chain 255
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=75w8CirDUpREm6Je1BvjLLSV5EY
Request Chain 256
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-rcJDa7pE2pd_dCVG4LlsV_WK2fSf99ics6SW~A
Request Chain 257
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=c36a899b-3090-49a0-9ad2-000c1dba0615
Request Chain 259
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_698909cb-a7f7-457a-996c-68e3dbaa7937&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.outbrain.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_698909cb-a7f7-457a-996c-68e3dbaa7937&s=2&us_privacy= HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&obuid=55ba3868-2547-4349-b1ed-ff18c2217759&puid=a_698909cb-a7f7-457a-996c-68e3dbaa7937&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=__ZUID__
Request Chain 260
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=wj3SpJ4yFktt&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
Request Chain 261
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1216815371593180373
Request Chain 263
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=7306458255467672195&gdpr=&gdpr_consent=
Request Chain 266
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=565444fc-936b-4bea-a1c5-16544feb0ae6
Request Chain 267
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=aJqqlsCo8IsAANdyKVUAAAAA
Request Chain 268
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RMp9tPL9zKVDVMZmR0GOvToZJhI8XwBlYjCDHMEtCY0&pi=gumgum&tc=1
Request Chain 269
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 283
  • https://b1sync.zemanta.com/usersync/ogury/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Foutbrain_id%3D__ZUID__ HTTP 302
  • https://b1sync.outbrain.com/usersync/ogury/?cb=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Foutbrain_id%3D__ZUID__&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/ogury/?cb=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Foutbrain_id%3D__ZUID__&gdpr=0&gdpr_consent=&obuid=0fedb3e4-0d1a-490c-b8a8-d82642669595&s=2 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?outbrain_id=__ZUID__&gdpr=0
Request Chain 284
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3D&rd=1 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=5f4ad219-4cae-4f33-bfb9-1zz1754966582&gdpr=0&gdpr_consent=
Request Chain 285
  • https://creativecdn.com/cm-notify?pi=ogury&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=ogury&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?rtbhouse_id=UaNahTP864Hmd20IPTIb09P8frnDKwoiBXepoDwxLHg&pi=ogury&gdpr=0&gdpr_consent=&tc=1
Request Chain 286
  • https://sync.1rx.io/usersync2/rmpssp?sub=ogury&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=ogury&zcc=1&cb=1754966678086 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004&rndcb=7862010168 HTTP 302
  • https://sync.1rx.io/usersync/turn/2507349102497968926?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004?redir=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fnexxen_id%3DRX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?nexxen_id=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004
Request Chain 287
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=agyie4r&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?ttd_id=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=
Request Chain 288
  • https://x.bidswitch.net/sync?ssp=ogury&gdpr=0&gdpr_consent=&custom_data=init:ogy HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=ogury&gdpr=0&gdpr_consent=&custom_data=init:ogy HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=ogury&bsw_custom_parameter=70ecc19f-2d87-4435-9481-5fea364312e5 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=70ecc19f-2d87-4435-9481-5fea364312e5&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dogury%26bsw_param%3D70ecc19f-2d87-4435-9481-5fea364312e5 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dogury%252526bsw_param%25253D70ecc19f-2d87-4435-9481-5fea364312e5%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=565444fc-936b-4bea-a1c5-16544feb0ae6&ttd_puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dogury%2526bsw_param%253D70ecc19f-2d87-4435-9481-5fea364312e5%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=ogury&bsw_param=70ecc19f-2d87-4435-9481-5fea364312e5 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?gdpr=&gdpr_consent=&bidswitch_id=70ecc19f-2d87-4435-9481-5fea364312e5&ssp_data=init%3Aogy
Request Chain 289
  • https://ib.adnxs.com/getuid?https://ms-cookie-sync.presage.io/user-sync?xandr_id=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?xandr_id=2024682871925848210&gdpr=0&gdpr_consent=
Request Chain 295
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
Request Chain 296
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=
Request Chain 298
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:78aa689a-aa96-4d00-aee7-8042970cc38b&gdpr=0&gdpr_consent=
Request Chain 301
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
Request Chain 302
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEEwRDMzNTFDLUVCMTYtNEY5Qy05RUZFLTMyMTdBM0RENTNBNBAAGg0IldXqxAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7e3fd3749a280e259d32f184c21d421ba18930810fdd1b293ba8419871e81d31791426b5417dce21&_=2
Request Chain 303
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=565444fc-936b-4bea-a1c5-16544feb0ae6 HTTP 302
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=565444fc-936b-4bea-a1c5-16544feb0ae6 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=2024682871925848210&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7306458255467672195&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=7306458255467672195&gdpr=0&gdpr_consent=&sInitiator=internal HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=semasio HTTP 302
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=75w8CirDUpREm6Je1BvjLLSV5EY&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=2024682871925848210&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7306458255467672195&sInitiator=internal&gdpr=0&gdpr_consent=
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTBEMzM1MUMtRUIxNi00RjlDLTlFRkUtMzIxN0EzREQ1M0E0&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oNM1HOsWT5ye_jIXo91TpA%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEEJfBlHCob3zbyZCEnPBx6I&google_cver=1
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
Request Chain 315
  • https://s.company-target.com/s/eqx?sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D152%26partneruserid%3DPARTNER_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=152&partneruserid=20332318-5630-4b72-8276-b1a1ebb71307
Request Chain 316
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=wrOdbigaDbHW&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 317
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC8DE7RNVUAABrOZHkNoQ&partnerid=127&gdpr=0
Request Chain 318
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b3b07469-b470-4c87-9700-63e32c8dfb5b&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 330
  • https://id5-sync.com/i/182/8.gif?o=api&id5id=ID5*k171rU1XIvxUWHf95jQH1kDR0c9Sqb2B-aJ2qLuWaqg8hTsF69HNYuUFGaq2g_gK&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/182/112/7/2.gif?puid=B1DBE549E5CD84C6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/182/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/182/2/6/3.gif?puid=2024682871925848210&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/182/108/5/4.gif?puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=565444fc-936b-4bea-a1c5-16544feb0ae6&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/182/10/3/6.gif?puid=7306458255467672195&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/182/123/2/7.gif?puid=1989c2a6944-40f70000010d4feb&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEM_sq2JkhqCTQ4VsxWzsVho&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEM_sq2JkhqCTQ4VsxWzsVho&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2024682871925848210&opid=apx&ops=&utidl=tech:goo:CAESEM_sq2JkhqCTQ4VsxWzsVho&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A139380022699&gdpr=0&gdpr_consent=&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY
Request Chain 332
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=ME7XUHV7-12-IF18 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=ME7XUHV7-12-IF18
Request Chain 335
  • https://pixel.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=&khaos=ME7XUHV7-12-IF18 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=ME7XUHV7-12-IF18
Request Chain 336
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUU3WFVIVjctMTItSUYxOA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMg1hPTbQ5GEO60zhDq3wW4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUU3WFVIVjctMTItSUYxOA==&google_push=
Request Chain 337
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
Request Chain 339
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CHIwZtSssWtpRlyQBspSfMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YvGd7sdE2oLKVG41FqeK06vj6_q8NNwfiDBN1Q--~A
Request Chain 340
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=&expires=30
Request Chain 341
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjY5NWUwZjI4NGIzMTg0NTM0Yjg5Mjk5ZGE0NmQyOWRhY2UyMzYwOQ
Request Chain 342
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ME7XUHV7-12-IF18
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENSu9lyNUN1uZW0JruUb_cs&google_cver=1
Request Chain 345
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABScE7RNVUAABuXw3kVZg&expires=30
Request Chain 346
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=ME7XUHV7-12-IF18
Request Chain 347
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c36a899b-3090-49a0-9ad2-000c1dba0615&expires=30
Request Chain 348
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=ME7XUHV7-12-IF18
Request Chain 349
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=ME7XUHV7-12-IF18
Request Chain 350
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=ME7XUHV7-12-IF18&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 352
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=ME7XUHV7-12-IF18 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=ME7XUHV7-12-IF18
Request Chain 399
  • https://match.adsrvr.org/track/usersync?us_privacy=1YNN&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=565444fc-936b-4bea-a1c5-16544feb0ae6
Request Chain 405
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=565444fc-936b-4bea-a1c5-16544feb0ae6&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMGuor8aIZ-eC20tbKWAB1A&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 407
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3MzYwNTM4MjIzMDMxNDMzNDYwMw%3D%3D
Request Chain 408
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3MzYwNTM4MjIzMDMxNDMzNDYwMw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 413
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3873605382230314334603?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-f_ySqJ5E2oQxukifBclYTuY8BUWPfu6zdQEsteBYRg--~A&dongle=0883
Request Chain 417
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2024682871925848210&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid=
Request Chain 418
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2507349102497968926&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 419
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&redir=true&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i08Em5hE2uUXe3t_EHLn9upDhf4jCBM-~A&gdpr=0&us_privacy=1YNN
Request Chain 420
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=UaNahTP864Hmd20IPTIb09P8frnDKwoiBXepoDwxLHg&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid=
Request Chain 421
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=d5a997ede6de8adb&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub8730968190912 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa4e09c6a5c99430e9885e39477b26271
Request Chain 422
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid=&__qcmcs=1 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&us_privacy=1YNN&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DlwQwlkFEJsVAByQDAIEkFpSGMcVB0uVDVGHlW1E
Request Chain 423
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&piggybackCookie=7306458255467672195
Request Chain 424
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aJqqmAAAAFIO9wAs
Request Chain 425
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75w8CirDUpREm6Je1BvjLLSV5EY&gdpr=0&gdpr_consent=
Request Chain 426
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=&ct=y
Request Chain 427
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=565444fc-936b-4bea-a1c5-16544feb0ae6&ttd_puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f%2C%2C
Request Chain 428
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=
Request Chain 432
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=70ecc19f-2d87-4435-9481-5fea364312e5&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_69871789-91e7-40ef-9721-7b6a112e7702&bsw_param=70ecc19f-2d87-4435-9481-5fea364312e5&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=70ecc19f-2d87-4435-9481-5fea364312e5&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 434
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent= HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1a7zsbgeazgx
Request Chain 435
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AQ7uMlPmg6Pfks8AKGbGv3gm9c8AAAGYnCpk7A
Request Chain 436
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HegB6AFdDhKsfCWlmaqaaA
Request Chain 437
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=31f1967b63f122a7&is_secure=true&networkId=17100&version=1&nuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQANPCvawtjWZgIXTr01AQEBAQEBAQCZnStmNwEBAQEBAQEB&expiration=1755053081&nuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gpp_sid=&gpp=&is_secure=true&us_privacy=&gdpr_consent=&gdpr=0
Request Chain 438
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=$TF_USER_ID_ENC$&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=$TF_USER_ID_ENC$&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&u=${PUBMATIC_UID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw
Request Chain 440
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4bb03ae2-7726-11f0-90a3-a3105051549f
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=l3lARl8wR0VvTWg0Rmg1WDVBT01xU0ZqY2FjcnBLdEw1WUM4RXB2YXlJNWhsOTFvJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-XYChdgr_LTXtqtANyUJgNvB6FKyJLGUn6FIsQg HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=70ecc19f-2d87-4435-9481-5fea364312e5&ssp=criteo&gdpr=0&gdpr_consent=
Request Chain 444
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dKqgkdV94aHF5WHdBbjB2TGU5UkxNd25CNFBZQTRzZmF6U3ZneVNPZVV6bjklMkI2NUklM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=KqgkdV94aHF5WHdBbjB2TGU5UkxNd25CNFBZQTRzZmF6U3ZneVNPZVV6bjklMkI2NUklM0Q&u=2024682871925848210&gdpr=0&gdpr_consent=
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-XYChdgr_LTXtqtANyUJgNvB6FKyJLGUn6FIsQg&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dzCdDGl9RRkVyM2JxQTZTRWtxS1h1RXlVRGgzZGVKdVJlZVd6bGRFMHlielVSMHF3JTNE%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=zCdDGl9RRkVyM2JxQTZTRWtxS1h1RXlVRGgzZGVKdVJlZVd6bGRFMHlielVSMHF3JTNE&u=CAESEGO55iAMjYaHS-BGZSUL0TE&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 446
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2507349102497968926
Request Chain 447
  • https://cs.admanmedia.com/e805be652c9053b8f771665f0ac3c361.gif?puid=k-XYChdgr_LTXtqtANyUJgNvB6FKyJLGUn6FIsQg&redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dRuXq718wRFRidjJ0YnF6WjF1ZlJMWE0lMkJ1V1pxMlYwUnlVV0lWSHlWWEs2bFl3cmclM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=0&gdpr_consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=RuXq718wRFRidjJ0YnF6WjF1ZlJMWE0lMkJ1V1pxMlYwUnlVV0lWSHlWWEs2bFl3cmclM0Q&u=${USER_ID}
Request Chain 453
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Request Chain 454
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054412401938605
Request Chain 456
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5456725411 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/565444fc-936b-4bea-a1c5-16544feb0ae6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004
Request Chain 457
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:954CA009A1244071A5C530B1BC3CBAD4&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

463 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
www.theguardian.com/australia-news/2025/aug/03/ 		439 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7b2c175b3410b0871382d4853903794601f46caa5362cd3a3619c2242b4f727
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
content-encoding
gzip
content-length
73711
content-security-policy
upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
content-type
text/html; charset=UTF-8
date
Tue, 12 Aug 2025 02:44:33 GMT
etag
W/"hash7435077388322606635"
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
link
<https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1>; rel=prefetch,<https://assets.guim.co.uk/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js>; rel=prefetch,<https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js>; rel=prefetch,<https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js>; rel=prefetch,,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=(), clipboard-read=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-gu-dotcomponents
true
x-gu-edition
au
x-gu-frontend-git-commit-id
d8abf9a7e2b227899d2a54420a1e49662b7559c8
x-timer
S1754966674.531470,VS0,VS0,VE332
x-xss-protection
1; mode=block
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		0
795 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
age
0
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lcy-egml8630086-LCY, cache-syd10126-SYD
x-cache-hits
0
vary
User-Agent, Accept-Encoding
strict-transport-security
max-age=31536000
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
x-timer
S1754966674.890765,VS0,VE270
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
152
frameworks.client.web.08a4f0f5eb5f6aab0bee.js
assets.guim.co.uk/assets/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js
etag
"c16c30d4db3ca51f0405be87ef5a5e4d"
x-amz-version-id
pheHLOmly0gB9cioeDeyDi2CC8LUN98F
age
490203
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 06 Aug 2025 10:31:39 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
6577
content-type
application/javascript
x-amz-id-2
hJTIPUPKrthKcUcQ0/cOe/R4K6F4pdLA4jdGaypOQxlj1aj2hrBau2vWwgDY5QYJlqgqValafeZTFzRtccZ7kQ==
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.897712,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
PQ48F830Y7K8D3YT
accept-ranges
bytes
access-control-allow-origin
*
content-length
20324
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
index.client.web.5805dd79c70fc1de5fea.js
assets.guim.co.uk/assets/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/index.client.web.5805dd79c70fc1de5fea.js
etag
"e00b92c82f5a689169a68106a523c675"
x-amz-version-id
Hpp0UresH07tvC1EYtMhoMVM580KHwMw
age
39799
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Mon, 11 Aug 2025 15:39:07 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
789
content-type
application/javascript
x-amz-id-2
6bOg2/HDp4CGxxMuiBtXYIJgFUAyGhCo7/p9xNjtiVosaRYdbaZHRgJWb7J9TASEOudDwXMw0DRe+cmXTTQ/wA==
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.897557,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
WN26SD83DHRG3J8H
accept-ranges
bytes
access-control-allow-origin
*
content-length
42938
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.standalone.commercial.js
assets.guim.co.uk/commercial/c82f1f518d37041a4261/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
etag
"e38be5c50e7db392aa10b97eb28d5ab7"
x-amz-version-id
OuqLLdTl57o49s1lKh.vkSqZKi67eOzC
age
55439
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Mon, 11 Aug 2025 11:19:01 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
922
content-type
application/javascript
x-amz-id-2
oGZr8G0XM5H8Zg4m9hJCCGXrp7iyEAVzJKu7cqpx8U0vLzqDS9AfvJXlZiBEyYtSyoma1PugLb+r0wl8L966JRpEbvKbc2LQll00qq1Er1Q=
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.910792,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
9VPTAA4F8193JJYB
accept-ranges
bytes
access-control-allow-origin
*
content-length
13708
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
etag
"f5d54732577509c40f5a5a47f47aeab5"
x-amz-version-id
YMQfWIw3slofTRehxc45o_W9dcEYr7ZL
age
900810
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:32 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
7464
content-type
font/woff2
x-amz-id-2
Ok/eX5/wpUTEGMBd7GIXJrNG+hINt5KKUqqdastDrhIQMsFN7NWiqLs/1mqsmtbIhNC+0jkH7MxltmB62zm1BDeoZs9OvA7s
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.897732,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5XDT1EM9ACAWF3CP
accept-ranges
bytes
access-control-allow-origin
*
content-length
16492
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
GuardianTextEgyptian-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2
etag
"66184690aa8f829b88f8d7b855ec63fd"
x-amz-version-id
t6CnTYhEkTxddobFagnoerUYj1OEgLrD
age
631372
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:27 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
7448
content-type
font/woff2
x-amz-id-2
D41mUSk9ZmlXnAps01mF+PHDFHlodovV0P5MAnNhx3s5aMui855CMsLhHwVWAapMdjxw1tMzvzo=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.897718,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
NCS1XP4YK0D8ARDQ
accept-ranges
bytes
access-control-allow-origin
*
content-length
16792
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		168 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d98a90c5ca673bc086842e5cd3189cd2bbd9915b82b2f64fbd5211e9b0d6d79b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
age
0
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lcy-egml8630086-LCY, cache-syd10126-SYD
x-cache-hits
0
vary
User-Agent, Accept-Encoding
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
x-timer
S1754966674.890765,VS0,VE270
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
152
frameworks.client.web.08a4f0f5eb5f6aab0bee.js
assets.guim.co.uk/assets/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b07c17de93cbb6cc2aa7391be0241052c7ddf8d8599fbeec425dbb4d9fa77382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js
etag
"c16c30d4db3ca51f0405be87ef5a5e4d"
x-amz-version-id
pheHLOmly0gB9cioeDeyDi2CC8LUN98F
age
490203
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 06 Aug 2025 10:31:39 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
6577
content-type
application/javascript
x-amz-id-2
hJTIPUPKrthKcUcQ0/cOe/R4K6F4pdLA4jdGaypOQxlj1aj2hrBau2vWwgDY5QYJlqgqValafeZTFzRtccZ7kQ==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.897712,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
PQ48F830Y7K8D3YT
accept-ranges
bytes
access-control-allow-origin
*
content-length
20324
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
index.client.web.5805dd79c70fc1de5fea.js
assets.guim.co.uk/assets/ 		149 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68b9844e8165cd51888510be23b1b3587737997e53b446482e368f368041dabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/index.client.web.5805dd79c70fc1de5fea.js
etag
"e00b92c82f5a689169a68106a523c675"
x-amz-version-id
Hpp0UresH07tvC1EYtMhoMVM580KHwMw
age
39799
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Mon, 11 Aug 2025 15:39:07 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
789
content-type
application/javascript
x-amz-id-2
6bOg2/HDp4CGxxMuiBtXYIJgFUAyGhCo7/p9xNjtiVosaRYdbaZHRgJWb7J9TASEOudDwXMw0DRe+cmXTTQ/wA==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.897557,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
WN26SD83DHRG3J8H
accept-ranges
bytes
access-control-allow-origin
*
content-length
42938
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.standalone.commercial.js
assets.guim.co.uk/commercial/c82f1f518d37041a4261/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60cca76417b9f93a7beddd6e63e41f9d7543b44da4df5f17710161319d06420d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
etag
"e38be5c50e7db392aa10b97eb28d5ab7"
x-amz-version-id
OuqLLdTl57o49s1lKh.vkSqZKi67eOzC
age
55439
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Mon, 11 Aug 2025 11:19:01 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
922
content-type
application/javascript
x-amz-id-2
oGZr8G0XM5H8Zg4m9hJCCGXrp7iyEAVzJKu7cqpx8U0vLzqDS9AfvJXlZiBEyYtSyoma1PugLb+r0wl8L966JRpEbvKbc2LQll00qq1Er1Q=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.910792,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
9VPTAA4F8193JJYB
accept-ranges
bytes
access-control-allow-origin
*
content-length
13708
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
print.css
assets.guim.co.uk/static/frontend/css/ 		75 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/css/print.css
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c49093d9ad901fb894a270ec95dd58f50b026647d06ff6b5008edf4096541ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/static/frontend/css/print.css
etag
"f759dfa5d84074b0ef8910bbb4f78ac7"
x-amz-version-id
B.C.ocI2AvfGWU6y0Hlq0GVmXw1gGqqG
age
3574943
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Tue, 01 Jul 2025 10:45:04 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
23306
content-type
text/css
x-amz-id-2
j+7GOZvJSqUkfBOn4kfIsrXAx8J/PDgpY1DTKKxAMFZ9bBJKKqXLW6VYdHBT2aGMS/mebnQs21S2ZrKq4Oivyy4Ui0Pfr+S+
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.910896,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
ESJPCSWG0MT4NYKA
accept-ranges
bytes
access-control-allow-origin
*
content-length
61
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
3024.jpg
i.guim.co.uk/img/media/8e1534584363ed136e20e3a7b509fbec6f3af86e/0_537_3024_2419/master/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/8e1534584363ed136e20e3a7b509fbec6f3af86e/0_537_3024_2419/master/3024.jpg?width=620&dpr=1&s=none&crop=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcf516dfd63b4e56a03ff2d71f1f6a19fb63eff738766c212902a506792e25a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=1787328 idim=3024x2419 ifmt=jpeg ofsz=44705 odim=620x496 ofmt=avif
x-amz-meta-bounds-y
537
etag
"4U+6siGlbACuprOmilAdBNJP8u4Qg49SoPQ/qn45Bf4"
age
934493
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600067-LCY, cache-syd10126-SYD
x-cache-hits
4, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
2419
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.927757,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
44705
fastly-io-served-by
vpop-etou8240198
x-amz-meta-bounds-width
3024
server
AmazonS3
x-amz-server-side-encryption
AES256
4033.jpg
i.guim.co.uk/img/media/d863a2ae5eee86b9b1c6604b59820944b39c1fea/830_111_4033_3225/master/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/d863a2ae5eee86b9b1c6604b59820944b39c1fea/830_111_4033_3225/master/4033.jpg?width=220&dpr=1&s=none&crop=5%3A3
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c3916fc271afd3c15c3d453fb2c4ce641a8935102ee549fceb809724afbfc51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=2881292 idim=4033x3225 ifmt=jpeg ofsz=3952 odim=220x132 ofmt=avif
x-amz-meta-bounds-y
111
etag
"wNNut+BU/hZuV+/yTZ52ZJsrmP5AFwvtOAEDLLSDZ34"
age
890735
x-cache
MISS, HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
content-type
image/avif
x-served-by
cache-lcy-egml8630078-LCY, cache-syd10126-SYD
x-cache-hits
0, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
3225
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.927658,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
830
accept-ranges
bytes
access-control-allow-origin
*
content-length
3952
fastly-io-served-by
vpop-etou8240199
x-amz-meta-bounds-width
4033
server
AmazonS3
x-amz-server-side-encryption
AES256
2609.jpg
i.guim.co.uk/img/media/3e3ad96adcca2640407fb7b899926e8dbbdf8036/28_0_2609_2089/master/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/3e3ad96adcca2640407fb7b899926e8dbbdf8036/28_0_2609_2089/master/2609.jpg?width=220&dpr=1&s=none&crop=5%3A3
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47841d3bef116b44c0a4ec85b817dfbdb25d942555750ddd0afbd4732cd60e84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=1243771 idim=2609x2089 ifmt=jpeg ofsz=5797 odim=220x132 ofmt=avif
x-amz-meta-bounds-y
0
etag
"Dt+eYKpUv6Wan9kLSdO16lpIp1fG9CM/VkR5Pr8rhLw"
age
528343
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
content-type
image/avif
x-served-by
cache-lcy-egml8630096-LCY, cache-syd10126-SYD
x-cache-hits
14, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
2089
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.927890,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
28
accept-ranges
bytes
access-control-allow-origin
*
content-length
5797
fastly-io-served-by
vpop-etou8240192
x-amz-meta-bounds-width
2609
server
AmazonS3
x-amz-server-side-encryption
AES256
2218.jpg
i.guim.co.uk/img/media/79cb4b7f539fcc61dc3064e9d7948e7ba9b432e8/206_0_2218_1775/master/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/79cb4b7f539fcc61dc3064e9d7948e7ba9b432e8/206_0_2218_1775/master/2218.jpg?width=220&dpr=1&s=none&crop=5%3A3
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e09b7e55654ff6fbc7610266261c974215790604db06027d87a4a6713e095af1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=936410 idim=2218x1775 ifmt=jpeg ofsz=5858 odim=220x132 ofmt=avif
x-amz-meta-bounds-y
0
etag
"Xe0nI89Cj6fvDFtm0j6xTP4gh5cWdU/943rgVihpDgU"
age
595396
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600099-LCY, cache-syd10126-SYD
x-cache-hits
47, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
1775
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.927897,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
206
accept-ranges
bytes
access-control-allow-origin
*
content-length
5858
fastly-io-served-by
vpop-etou8240193
x-amz-meta-bounds-width
2218
server
AmazonS3
x-amz-server-side-encryption
AES256
4522.jpg
i.guim.co.uk/img/media/6cd5ee0b82f90aa7d0116b57b751565743278304/1838_1684_4522_3620/master/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/6cd5ee0b82f90aa7d0116b57b751565743278304/1838_1684_4522_3620/master/4522.jpg?width=220&dpr=1&s=none&crop=5%3A3
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a864d51f285dfd3676b6f282fdc913c9f80450b90620f6e1f900f2722a44078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=3879735 idim=4522x3620 ifmt=jpeg ofsz=4142 odim=220x132 ofmt=avif
x-amz-meta-bounds-y
1684
etag
"sOE+1dwvIgawbvul9hORaISHFWjfrJ8z7PCmzx96mYA"
age
2172132
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600082-LCY, cache-syd10126-SYD
x-cache-hits
3, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
3620
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.927924,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
1838
accept-ranges
bytes
access-control-allow-origin
*
content-length
4142
fastly-io-served-by
vpop-etou8240192
x-amz-meta-bounds-width
4522
server
AmazonS3
x-amz-server-side-encryption
AES256
GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
etag
"5c9af23772b65de0d3f1fb8638c196b4"
x-amz-version-id
9ZQJCAgWOYFSJx59PGGr8p_OkdCvgZ1Z
age
2439509
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:34 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
7373
content-type
font/woff2
x-amz-id-2
r9+u3t0Dr/RPj4T+lYreNp9W5U0XPh0DnoF/N0X6mmnRjn8nKHYFAw74XoyjOwueaYPSK4YwCZ9uFn26XCZkkg==
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.976285,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
TD647JZ534J1TERH
accept-ranges
bytes
access-control-allow-origin
*
content-length
15416
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
etag
"227b6e4f26bef19d8f2815f6097b7b7c"
x-amz-version-id
5iLaCPZiCexCrYZZFWWf1NSjWkaQ1yNa
age
1842023
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:34 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
7215
content-type
font/woff2
x-amz-id-2
Z8QWIwvc3tFV8u1b3u0wmAFx0j3i9W0iTVzflAyckAsLUsap05zeqKd1FiQ6p9fysgCXd8dH+n5yEYmFmfX7jVlUPwIZ/56B
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.976430,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
PP79V4C82B3765PH
accept-ranges
bytes
access-control-allow-origin
*
content-length
17376
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
GHGuardianHeadline-Medium.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2
etag
"08f5422d28aa5861fac0170cef914db8"
x-amz-version-id
IoOrOcb1bk2wyBcV3i5Eqo7dkP7DhSaI
age
637603
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:33 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
7263
content-type
font/woff2
x-amz-id-2
3IVUNDMGI23Yd+7bQco64U0nss4nQITLFEIe2jKsiLGWH7hrYwCsUYjVsY6Ch3FJw0Q401sDkeo=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.976401,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
QQEZEPJ3947Y1Z8R
accept-ranges
bytes
access-control-allow-origin
*
content-length
16612
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
GHGuardianHeadline-MediumItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2
etag
"f1117595ec5a2cf9f3a9834f42e5fd08"
x-amz-version-id
5Yy8MOopERHyAObY8S1mReByChKVOh2N
age
807974
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:33 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
5813
content-type
font/woff2
x-amz-id-2
5SVMGBWRFkkeSHyrkhLNnLmZoEORLTpzHZsFAzn9C6l2iuvqvADfXVpygEN1NqXxE7gE1hqXm6U=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.976561,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
638B0X0AC81QYNR9
accept-ranges
bytes
access-control-allow-origin
*
content-length
19052
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
GuardianTextEgyptian-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Bold.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1bf42c2df6fa95e0806bccd64191d78325514d758c455c0d959913a25d6a101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://www.theguardian.com
Referer
https://www.theguardian.com/

Response headers

x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Bold.woff2
etag
"84fb7a78f703a6bea30d38248d76114e"
x-amz-version-id
H.EFJt3EKdQCKhGq.PAlmBjeOGClHm0A
age
3064113
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 05 Feb 2025 09:57:27 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
3964
content-type
font/woff2
x-amz-id-2
a7dowxF+G3nUv8pYSUY+g3ZOBssIj0IANMXsoJNvIRihxh2VhXRsJpM+ij1T9xZwSLf5jgZkNDY=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, immutable
x-timer
S1754966674.976529,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
F9RPZMBXMCK75BZ8
accept-ranges
bytes
access-control-allow-origin
*
content-length
17044
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
2011.jpg
i.guim.co.uk/img/media/8d0cc52086b67f46f31510deb73e09ca431cbf71/17_0_2011_1220/master/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/8d0cc52086b67f46f31510deb73e09ca431cbf71/17_0_2011_1220/master/2011.jpg?width=620&dpr=1&s=none&crop=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ca33bc1d5714c5ffe4c46580258513eb1a4bb78656e7af45fb87f68477419bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=548344 idim=2011x1220 ifmt=jpeg ofsz=28713 odim=620x376 ofmt=avif
x-amz-meta-bounds-y
0
etag
"LgT1G8KxHyfff7Mnet897J2GJ7z9MmJzNJm44i7IzPg"
age
943629
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
content-type
image/avif
x-served-by
cache-lcy-egml8630066-LCY, cache-syd10126-SYD
x-cache-hits
14, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
cache-control
max-age=31536000
x-amz-meta-bounds-height
1220
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.975156,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
17
accept-ranges
bytes
access-control-allow-origin
*
content-length
28713
fastly-io-served-by
vpop-etou8240197
x-amz-meta-bounds-width
2011
server
AmazonS3
x-amz-server-side-encryption
AES256
article-button.js
uploads.guim.co.uk/2025/01/21/ Frame 9CC3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uploads.guim.co.uk/2025/01/21/article-button.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b929381b8baf386cd06f592b2d93b0903488ad19d58240d4547e5afd6e9f926a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

etag
"cc00955e6860812a21cd6bb50fa294c4"
age
0
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Tue, 21 Jan 2025 18:05:47 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
6118
content-type
application/x-javascript
x-amz-id-2
aQHi+XKsmE/mxf9QnLVf4gcAgZ2UBZ6bRo6AaZJGJ4O7CUH5YLJGPeG3dKKUSk5xpu36SI5ogtY=
strict-transport-security
max-age=86400
cache-control
public, max-age=31536000
x-timer
S1754966674.996639,VS0,VE0
via
1.1 varnish
x-amz-request-id
SZB4DC5XJ2RB5A0K
accept-ranges
bytes
content-length
1962
server
AmazonS3
x-amz-server-side-encryption
AES256
white-arrow.svg
uploads.guim.co.uk/2023/11/03/ 		297 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.guim.co.uk/2023/11/03/white-arrow.svg
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39503b9cc4f0b365a8821935f3e73af8f0d338de174b3ff7bdf3f890e277c61b
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/

Response headers

etag
"2abfb8592e447533002545bb7dd9330a"
age
0
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Fri, 03 Nov 2023 15:59:10 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5923
content-type
image/svg+xml
x-amz-id-2
CBYX6J1WIGsTmGlbYXYyTbuxhYD4pmCN/CkXIPdfnervAteOVgkNNI8uMR/qjty4Q0zSvFRkjOI=
strict-transport-security
max-age=86400
cache-control
public, max-age=31536000
x-timer
S1754966674.025637,VS0,VE0
via
1.1 varnish
x-amz-request-id
P9P6DP74DKEEG5K6
accept-ranges
bytes
content-length
297
server
AmazonS3
x-amz-server-side-encryption
AES256
7542.client.web.dcced18c79af809262fa.js
assets.guim.co.uk/assets/ 		847 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7542.client.web.dcced18c79af809262fa.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2efa43af8150efcf7258fd26181e027de4784a95045ff2ed4567f130ce461743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/7542.client.web.dcced18c79af809262fa.js
etag
"1227fdfa6b598939c3b7a90a5f4b481e"
x-amz-version-id
cZ6mmysZvHaHq4wgjTHukkUfyf51AM9Q
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:38 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5579
content-type
application/javascript
x-amz-id-2
eRPZ1JJVQvPwycOSzj7+syf/IqOBJkEO+JiX5NLa18enRcqvELBdG7is/X+BnF77JAbWWQYcClQueiEnPW+25h33l4FMc7YzY7BQ9yWX9x4=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.169671,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7PKW9NHFPMBPWY
accept-ranges
bytes
access-control-allow-origin
*
content-length
460
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
7254.client.web.cc44cdefadde9db17cc3.js
assets.guim.co.uk/assets/ 		852 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7254.client.web.cc44cdefadde9db17cc3.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86ee2e38897c3d4b315d2398f585c3a0c6c7027a18c1c12c7669a872e7b7b421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/7254.client.web.cc44cdefadde9db17cc3.js
etag
"8ed1c596a0962f22a35b6615d5e17ed9"
x-amz-version-id
oSdwAdeTm2zwFLCDJyMST6AVA1snIXhb
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:37 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5596
content-type
application/javascript
x-amz-id-2
HbVQO37hFsaSPAOkO4EMjQzVYQC3PkQMYjxwyVKYpN6aRWfNRb5H+QRdmNdxFRYZF1ZPkbglac3oX4tYCmBAEQ==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.170119,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7YEZ18YR97Y7A1
accept-ranges
bytes
access-control-allow-origin
*
content-length
463
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
5627.client.web.1b7688de647268cb9edb.js
assets.guim.co.uk/assets/ 		1 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/5627.client.web.1b7688de647268cb9edb.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28ae8b08606cc929908a20640c3a5a157fde26c94beaa4131105f69322943ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/5627.client.web.1b7688de647268cb9edb.js
etag
"d47e9695770b7e6f44cda13d51a17b2d"
x-amz-version-id
Razk5on_iGBbfVKuFyIL5Ou0wZEvyPNB
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:34 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5512
content-type
application/javascript
x-amz-id-2
Gpm9GNt+yEQBQ/WQGiO/UKdDFymVlAF9XZdI7br71h/QZ0enI6Edmd3BmeqGbp51t8zrzec3l7k=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.170524,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7RFMYXHMP029ZV
accept-ranges
bytes
access-control-allow-origin
*
content-length
550
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
3279.client.web.0dcc69eef6610312524a.js
assets.guim.co.uk/assets/ 		642 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/3279.client.web.0dcc69eef6610312524a.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44412a16caf1d954172ca29ae2b466a286eb61a6d79de90ddad6be9d02973d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/3279.client.web.0dcc69eef6610312524a.js
etag
"67c9444add60159510a6b416e906a58f"
x-amz-version-id
RLgKSuzmIZoLV5e_1jODX_2JOK31_0Vo
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:28 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5561
content-type
application/javascript
x-amz-id-2
oTHczbj5cJ90OOTn7z8JSTg5BrMbo4JbMEDkDneY3LV38jnd73yAO4QiQf2mAhnCrY0hzmcmYjM=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.171043,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7PWD3CAC996VV3
accept-ranges
bytes
access-control-allow-origin
*
content-length
395
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
Metrics-importable.client.web.7de565d6a5d8ae2a49c8.js
assets.guim.co.uk/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/Metrics-importable.client.web.7de565d6a5d8ae2a49c8.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19cb8b23c8a5ccb4f9c747c22d276c7969c9b2ebc3f8c7fc58e68636b2695a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/Metrics-importable.client.web.7de565d6a5d8ae2a49c8.js
etag
"0dc2489e8defc97b9e126282a5c54d6c"
x-amz-version-id
w3J5mrd0fr7eQTXnTW4qH4SnxGuQBKDm
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:31 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5724
content-type
application/javascript
x-amz-id-2
Tk9rX2wKhfy1IKiNSJTFiirz1weSVrIf/7no2x5WNDYUaHfZB47p1yzRyBxiws067oT3M+VgJhc=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.182473,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7J9T8G7TTY8QJ1
accept-ranges
bytes
access-control-allow-origin
*
content-length
2162
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
SetABTests-importable.client.web.576e4b81328421fefd2d.js
assets.guim.co.uk/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetABTests-importable.client.web.576e4b81328421fefd2d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1278b39d8c3282c5d36b842c5e599a8f5a264b535955082bc893981d6411215c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/SetABTests-importable.client.web.576e4b81328421fefd2d.js
etag
"951e84e633c7ef73555aaa39eae5b2bc"
x-amz-version-id
3tMlquT8F4xJsbSGoPjEtMEyjtatYkkn
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:34 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5728
content-type
application/javascript
x-amz-id-2
rLHDUYS9FjUUrDkxAKcQIvGrbD5diigzzylvgOQhX1cCnfk/VjcgibHvKyzmzxeomtycS5BCLDyBNIuKmD+i7w==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.182543,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7V1CC0TMKNH0BC
accept-ranges
bytes
access-control-allow-origin
*
content-length
3389
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
SetAdTargeting-importable.client.web.3d19b0f9d628394a1525.js
assets.guim.co.uk/assets/ 		739 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetAdTargeting-importable.client.web.3d19b0f9d628394a1525.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75c4476d06c2130d4e9e95747dd85a62ccbb957c8d24f5e953279d6432a6f2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/SetAdTargeting-importable.client.web.3d19b0f9d628394a1525.js
etag
"de82364828529c432e5cf99eb67b8a9b"
x-amz-version-id
asASYHg_sQKW2tFXhYLZJ2kGwcx9zZ28
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:34 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5801
content-type
application/javascript
x-amz-id-2
5Ek4n2Yvga6UpMvm3uzD0yBl4A1RhZ34M3LFZhhznoBXeomc2arAh+DTHgnhOZoyLMChy1wo7sU=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.183008,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7M6JK5Q5WT0YA3
accept-ranges
bytes
access-control-allow-origin
*
content-length
457
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
4790.client.web.9f94d69b1be9d2375278.js
assets.guim.co.uk/assets/ 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4790.client.web.9f94d69b1be9d2375278.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a53da74dca1ed5eb93843299c9fef9a7a5fc25d7175d3350c02dd824b89757c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/4790.client.web.9f94d69b1be9d2375278.js
etag
"831c05a310fe641bcfffb4aab1483c65"
x-amz-version-id
RTUZlD7IdlKMMxwGttIJVttXtPSh_vWK
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:31 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5766
content-type
application/javascript
x-amz-id-2
14RLfxxQM9lCE4xngkbJqnY+apRqzwbj67r+dq5NcVOCgvNdic7oC+e/sIhyoV9yfC6W6Nx+gKg=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.183440,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7S86QKP5WG5YSQ
accept-ranges
bytes
access-control-allow-origin
*
content-length
19408
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
4846.client.web.8144a83db757f6bb26d1.js
assets.guim.co.uk/assets/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4846.client.web.8144a83db757f6bb26d1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c150305678cd165df80c58eca17844994981ad768e5d479abeb5f2c79ecd3c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/4846.client.web.8144a83db757f6bb26d1.js
etag
"23b0a30ecebe16b8a62f269f3eec1175"
x-amz-version-id
MVjzrZ5jXgFXeJSUhU0MxvVvv3SwUBRB
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:32 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5730
content-type
application/javascript
x-amz-id-2
fCzQnvF1iPNP2YDMBzhmQ7Wkb7XnwC0atFbRQTstkz7SXeNY8NlJPtBgj8uey65PQ7XKBqxmQ7A=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187086,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7QB2QAS00CQYZ6
accept-ranges
bytes
access-control-allow-origin
*
content-length
3746
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
8961.client.web.676209d85e4c6e8aa500.js
assets.guim.co.uk/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/8961.client.web.676209d85e4c6e8aa500.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84a65ec866e77e4e214e4c9dacee2a35d7e7cfb954ff981624e4f6cabf5bcdfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/8961.client.web.676209d85e4c6e8aa500.js
etag
"155065b4e5de79361655d2a5a9ae9b6c"
x-amz-version-id
PxFcBIjcJ6FRYgen1UeuTmQSYOUWqZVw
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:41 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5752
content-type
application/javascript
x-amz-id-2
sybseszNLnAgDmTbMaXdSKLQAgBgPdHjSGzfcg3fYTntnSq5yvBUQ3SzjOwyluSbT0iYORH/Gt+rsUS8jiNoZ1P5IyqfJ+xH
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187184,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7GW5891PZ3R59R
accept-ranges
bytes
access-control-allow-origin
*
content-length
3567
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
TopBar-importable.client.web.39470074e63681db705f.js
assets.guim.co.uk/assets/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/TopBar-importable.client.web.39470074e63681db705f.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16b6826fc1544613adf08774ae800ffc875ba2cd4cd0c726ae49b5db3c6ba888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/TopBar-importable.client.web.39470074e63681db705f.js
etag
"99a1209ac98169a0a547d02e3da85a2f"
x-amz-version-id
O2L0xlDgCqwu.Nb5ZCAQqq2aE2Yi7tkv
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:38 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5769
content-type
application/javascript
x-amz-id-2
+C2tp6GU7lb7LMOTioUlGoHULUmP1A9YycHL1WYDcRb3a9LHKItvRsWGpxUrJ3Q6TPQV3Kv/jS9SJuoV0Av+wtLnTb4qW/iu
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187400,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7J1ZAC8HXNE4NJ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8286
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
2751.client.web.902afe1c14240f1ab68a.js
assets.guim.co.uk/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/2751.client.web.902afe1c14240f1ab68a.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37796865b425c9058cdfcdfc0c6311805b0079a898f250b4318a4c84d40a1649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/2751.client.web.902afe1c14240f1ab68a.js
etag
"df88c0048a1a509f06e529334dfa9433"
x-amz-version-id
OCia8fy3zcLSgYlvSvgb6CBCoapQ.Ne6
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:28 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5731
content-type
application/javascript
x-amz-id-2
DnXaV328mwhsUEfJFrmwWPsJomTznxx659Er6AhIFvIcZ83oZMoVV1piy6CWie0z9p9yHH6wGl2zgMwz/HqjC8pAWPDfE+Ppt69iF8TiYPo=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187397,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7MKFGBTR0X6FM0
accept-ranges
bytes
access-control-allow-origin
*
content-length
3545
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
3844.client.web.df8a2b2f23ceb378f1d8.js
assets.guim.co.uk/assets/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/3844.client.web.df8a2b2f23ceb378f1d8.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71c902a33710ba428e5dbc3817da9f9a8c264b1844ff7bcfc07d1660e09bae13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/3844.client.web.df8a2b2f23ceb378f1d8.js
etag
"30ea57150ebb9cc264059c70df898a85"
x-amz-version-id
7kpc32sRvvoUmRjjwE4Gpozab.uxt3lT
age
490217
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:29 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5736
content-type
application/javascript
x-amz-id-2
rozxmIjZzF9bWCwYPLx13qqxUM6wDt4kGcrYKtD7Qeiqy3pXmoMJFiYVdud8RgUgGOqYx0RvGn5UozAcfONwVWY4DWw4Ac7M
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187359,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
RM5HTH946BT9TN5F
accept-ranges
bytes
access-control-allow-origin
*
content-length
3292
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
6999.client.web.d4a0a6931115ad1dc4c5.js
assets.guim.co.uk/assets/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/6999.client.web.d4a0a6931115ad1dc4c5.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
952ae47c25f8e55a761b47e292348ba8ec1d7fa3e7e22d0cf13c6477a2367809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/6999.client.web.d4a0a6931115ad1dc4c5.js
etag
"a489556903ee6827befc9a5ac1a30154"
x-amz-version-id
i6JNORfUpZlsdTV.1sJf6.FZ1oQ98PMw
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:37 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5734
content-type
application/javascript
x-amz-id-2
hAHAIu95Z5MowjZtsR/QCyDFAda34bSrd3+9PABSJwmwFpSJvxtUp927ESQ8tf9Zw2GMtVivkmHy4DLLdoe2Zw==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187721,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7RDMFFCZZCAT41
accept-ranges
bytes
access-control-allow-origin
*
content-length
5084
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
Titlepiece-importable.client.web.6bd1c6d0346b8dcd8ef3.js
assets.guim.co.uk/assets/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/Titlepiece-importable.client.web.6bd1c6d0346b8dcd8ef3.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a34680b40e578a4caf4f7b1b80e6fe96c9c46083cba05d3688e3e90ffa64df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/Titlepiece-importable.client.web.6bd1c6d0346b8dcd8ef3.js
etag
"0d52bbb4f343a4453e0daacaebb1acf9"
x-amz-version-id
vSKSYg7cBqieQ1jZnZGIGU82MPwurG6Q
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:37 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5763
content-type
application/javascript
x-amz-id-2
HMMC644Y02l91f7iDPW0TEqgwJR5kTNj20+3CxUrY+dCd9cn9r71lTV2RV4r1xDXD28y3LcbM6Y=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.187703,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7HHKFXCKZ5A2X2
accept-ranges
bytes
access-control-allow-origin
*
content-length
12716
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
1
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/1?v=17&platform=next-gen&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&ref=&visibilityState=visible&tz=-480&navigationType=navigate&viewId=me7xug30oi67f959097o
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&edition=AU
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&experiences=dotcom-rendering
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
wrapperMessagingWithoutDetection.js
sourcepoint.theguardian.com/unified/ 		137 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40304efd8698aa7840684208c5171db962d9c859d8d4d3ab893e1f70515e6496
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"aa48f140f871b9ec6b7c0fef683f4c7c"
age
3127
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Hit from cloudfront, MISS
x-amz-cf-id
f-2o1bjCpPk_YYdvcePG7_fCy8OnT3iiEBTUFl5APLsGQnkGcYb5ag==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript
x-served-by
cache-syd10126-SYD
x-cache-hits
0
last-modified
Thu, 07 Aug 2025 15:08:20 GMT
vary
accept-encoding, Accept-Encoding
strict-transport-security
max-age=300
cache-control
max-age=3600
x-timer
S1754966674.209379,VS0,VE1
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
7396.client.web.4680825dbb8096c74f5a.js
assets.guim.co.uk/assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7396.client.web.4680825dbb8096c74f5a.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
163cd200fcc9104b463b42c9e758d68867dd2126f2a40e9f473d36496c01d8fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/7396.client.web.4680825dbb8096c74f5a.js
etag
"22c682cb2dc878a5b6d6a0140b4af992"
x-amz-version-id
uHKrFPhQ4RTssFGp2NrfysNlujEF6VUW
age
490208
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:38 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
4246
content-type
application/javascript
x-amz-id-2
U1jn0jfCcv8p79FbvONabhJMVVhtX857pDbN4gUc9xNV37J4cuVaiOR/1ZDwF1sgKNsYNcBa9qUgQUM8fzNBypc1hxNGC5Sh
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.220331,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
DVJ18XCMVWG79QZZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2662
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
ShareButton-importable.client.web.d4af48353df664c34f71.js
assets.guim.co.uk/assets/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/ShareButton-importable.client.web.d4af48353df664c34f71.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53098314d78773754c5e7c68e6bdc9ec39a601d7df17b3b716b0e94e39010775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/ShareButton-importable.client.web.d4af48353df664c34f71.js
etag
"b05cd367f3d86b61ca1fd498567099cc"
x-amz-version-id
L91.gsZV46T.NvDlMDd2lY8KWtw9ZjT6
age
490186
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:35 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
4242
content-type
application/javascript
x-amz-id-2
qt8wZXC7n/30mJUHryITKM+ZhPTkVIwmmF6emgb/YvC6Iqlp8Xmoxuvfb1yALO9gJ4CdcTWEpMSOUtJhhvPB5A==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.220433,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
7BVRK3HB5GPYKXXZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2045
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
5754.client.web.820a2e695231dca9a6b8.js
assets.guim.co.uk/assets/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/5754.client.web.820a2e695231dca9a6b8.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b31956ccebf00e0904ff7fa51575a9ae6e5354aeddf1534aaa67067d9314dbef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/5754.client.web.820a2e695231dca9a6b8.js
etag
"0d3173782c4d9f20bd0c4e6b7e611d41"
x-amz-version-id
Yz3k33Hdzoijku4QM_fXjlFlvsjgtEYx
age
46167
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Mon, 11 Aug 2025 13:52:30 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
656
content-type
application/javascript
x-amz-id-2
8blm0RckZkQY978NnmeMkpKtT2nXPLc2vFl1BfDpPAabzijTPsk/YdvUeuxyLMorJAiVdGPD4/Q=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.220591,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
MABG7XFC75KAVV68
accept-ranges
bytes
access-control-allow-origin
*
content-length
2661
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
7402.client.web.516d9a302a807573012c.js
assets.guim.co.uk/assets/ 		113 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7402.client.web.516d9a302a807573012c.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4702440f32a1848615f0ed8e7d1b3b58b2773769c1974132cbd7c08f7f07f67a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/7402.client.web.516d9a302a807573012c.js
etag
"0ddb4f2b372df12092e22de94aaebe46"
x-amz-version-id
OY3M0dUXesKsd0iVd6RuSXdne1z_73mF
age
380239
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Thu, 07 Aug 2025 17:02:19 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3872
content-type
application/javascript
x-amz-id-2
fZxOrtduNNBqE8DwzRm88gkPM00x+EwaGxXBuanOsDWurKNwvxg5BxeWsN0rMppuZFYq8EAuipINPVJq6ZBmLA==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.220601,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
0YG4C9AP56VRPRY5
accept-ranges
bytes
access-control-allow-origin
*
content-length
11633
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
6905.client.web.33eedac08494c9eebe7f.js
assets.guim.co.uk/assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/6905.client.web.33eedac08494c9eebe7f.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9d6dc7ba14b313fd6ff094f16e56bb6b3122501be99d6d5722df72caffbec36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/6905.client.web.33eedac08494c9eebe7f.js
etag
"0cbf53a9d20c3e4f25fe499852bc89fe"
x-amz-version-id
IsDLLY8Y0u4kVQpPE.EzD1ihDVLpTBe1
age
477702
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 13:59:24 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3239
content-type
application/javascript
x-amz-id-2
k+O1QdGEkUueOeDUko1my8BirzqWu2aBn8xcsPwkOIad5dOBnF+ndRqvjJWWl0v/nMEpPwmlUAc=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.221107,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
9T9RBXZX45HRCVM4
accept-ranges
bytes
access-control-allow-origin
*
content-length
2579
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
5854.client.web.e8f08b5ddb5e1347f617.js
assets.guim.co.uk/assets/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/5854.client.web.e8f08b5ddb5e1347f617.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f21b86c79457f69c074da8d279e560f70767f1718e47e60cc724185b730115c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/5854.client.web.e8f08b5ddb5e1347f617.js
etag
"e1b08e368f9f885d67a286f487f5f755"
x-amz-version-id
JkzJs_8C2ttdmsV4P2e38VWsF0ISlB6.
age
489769
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:41:25 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3009
content-type
application/javascript
x-amz-id-2
X7vx3v2rRahFN02e9jXnPLOS1a0IEHAjkfsu/57tGpTDo+4abETEsVDyVxzMT+prYXod3ja7RpidseFbU39qSwqoIhCX6qYz
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.221265,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
M2DFW0FMT3H3FKKX
accept-ranges
bytes
access-control-allow-origin
*
content-length
5436
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
MostViewedRightWithAd-importable.client.web.74b5e5acafc4a1c46fbe.js
assets.guim.co.uk/assets/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/MostViewedRightWithAd-importable.client.web.74b5e5acafc4a1c46fbe.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aaeb3fac1ec4f3ce5ebf9dd2f3083fb499a9868292eec817f56704f646c0f39a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/MostViewedRightWithAd-importable.client.web.74b5e5acafc4a1c46fbe.js
etag
"1761f20ff684743c91c9e20ec902f201"
x-amz-version-id
zbRRIEt743N_qsJSQwRGRo__JF47v6H2
age
489967
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:31 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
1628
content-type
application/javascript
x-amz-id-2
y8XO5G8EFlEyVbBjzDzyLxYq19Ap6tMsMonwA+VtwAiDBYda8GRU9ixx2luDL59Y57dk2D3sajBC0gX3U1fkyEGQ6A6sET6F
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.221258,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
K9B9NPSK95DY2PCV
accept-ranges
bytes
access-control-allow-origin
*
content-length
6829
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&inPrivateBrowsingMode=false
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
ccpa.6bfa52fc651e022801ad.bundle.js
sourcepoint.theguardian.com/unified/4.37.1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/4.37.1/ccpa.6bfa52fc651e022801ad.bundle.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7334b47778373cbf752239182ccedf52a97d59ab75d4f6d217667d2c30e396e0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"b7ff6b02917fec14a45e1fa9641273e2"
age
387259
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Hit from cloudfront, MISS
x-amz-cf-id
CfmQEvhK96lao7jIpFadmS9gLWfF9JKqR_dGBFQaiEQ6qvFeNfXOYA==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript
x-served-by
cache-syd10126-SYD
x-cache-hits
0
last-modified
Thu, 31 Jul 2025 19:09:08 GMT
vary
accept-encoding, Accept-Encoding
strict-transport-security
max-age=300
cache-control
max-age=31536000
x-timer
S1754966674.281978,VS0,VE1
via
1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
meta-data
sourcepoint.theguardian.com/wrapper/v2/ 		73 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=13348&scriptVersion=4.37.1&scriptType=unified
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
c706e0e52c8c87b1f8568888522430b2312ce0d27fc3298b6637e1ee3e08caff
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

age
1888
access-control-allow-methods
GET, PUT, POST, DELETE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Hit from cloudfront, MISS
x-amz-cf-id
gUhNs4cIjvxLXDkk7TPGn5wZK-IkoJuxlcmU6yPYODbKrRlI_BX_7Q==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-syd10157-SYD
x-cache-hits
0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=3600, s-maxage=3600
x-timer
S1754966674.283147,VS0,VE1
access-control-allow-credentials
true
via
1.1 2bff6bbbee7da79c98259baccec11e2c.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
73
x-amz-cf-pop
SYD3-P2
x-powered-by
Express
messages
sourcepoint.theguardian.com/wrapper/v2/ 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22aus%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fau.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb%22%2C%22propertyId%22%3A13348%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&scriptVersion=4.37.1&scriptType=unified
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d6d3a569834694c4362c27029e8b29160a57c089f7f5328b95d91a9310451d4f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
access-control-allow-methods
GET, PUT, POST, DELETE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Miss from cloudfront, MISS
x-amz-cf-id
xFngzQgxPkvbiEfPrfGLeiNDoLFAX-J_GMVC_KYL8ea1Q9UHGjCRmw==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-syd10157-SYD
x-cache-hits
0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=0, s-maxage=1200
x-timer
S1754966674.310255,VS0,VE218
access-control-allow-credentials
true
via
1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-pop
SYD3-P2
x-powered-by
Express
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&attentionMs=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
header
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Tue, 12 Aug 2025 02:44:34 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-syd10157-SYD
x-timer
S1754966674.320696,VS0,VE292
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%22AuxiaSignInGate%22%3A%7B%22variantName%22%3A%22auxia-signin-gate%22%2C%22complete%22%3Afalse%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
header
contributions.guardianapis.com/ 		647 B
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/4790.client.web.9f94d69b1be9d2375278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
e43a874f8a98d1858a06fa6e0cc040e2e4e8206a41fc2696384c48bee833a1b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

etag
W/"287-pk9zfqyWbE+VleRsu39++nhLpbk"
x-timer
S1754966675.616844,VS0,VE291
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.theguardian.com
x-cache
MISS
content-length
647
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
x-served-by
cache-syd10157-SYD
x-cache-hits
0
vary
Origin, Accept-Encoding
most-read-with-deeply-read.json
api.nextgen.guardianapps.co.uk/ 		23 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/most-read-with-deeply-read.json
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/MostViewedRightWithAd-importable.client.web.74b5e5acafc4a1c46fbe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ff1a4747cdeb2646a180312adea6390da52f7dbcc764f6a27b1d5af695b095f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"hash1838921770313775267"
age
0
x-cache
HIT, HIT
x-gu-frontend-git-commit-id
d8abf9a7e2b227899d2a54420a1e49662b7559c8
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json
x-served-by
cache-lcy-eglc8600038-LCY, cache-syd10157-SYD
x-cache-hits
3, 6
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
vary
Accept-Encoding,Origin,Accept
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private
x-timer
S1754966674.321210,VS0,VE0
x-gu-backend-app
onward
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.theguardian.com
content-length
5180
server
nginx
x-gu-geolocation
country:AU
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&performance=%7B%22dns%22%3A7%2C%22connection%22%3A6%2C%22firstByte%22%3A341%2C%22lastByte%22%3A11%2C%22domContentLoadedEvent%22%3A324%2C%22loadEvent%22%3A111%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22header%22%2C%22topbar%22%2C%22sub-nav%22%2C%22section%22%2C%22meta-byline%22%2C%22rich-link%22%2C%22more-on-this-story%22%2C%22carousel-small%20%7C%20maxIndex-0%22%2C%22footer%22%5D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&performance=%7B%22dns%22%3A7%2C%22connection%22%3A6%2C%22firstByte%22%3A341%2C%22lastByte%22%3A11%2C%22domContentLoadedEvent%22%3A324%2C%22loadEvent%22%3A111%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
favicon-32x32.ico
static.guim.co.uk/images/ 		4 KB
730 B 		Other
General
Check archive.org
Download Go to
Full URL
https://static.guim.co.uk/images/favicon-32x32.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e03a5d0d004dff0145e9c39d2b6ff99a115669b71c27eed2f9b335fd64a489ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
"46bd2faa1ab438684a6d4528a655a8bd"
age
1843448
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Mon, 11 Feb 2019 15:02:22 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
56359
content-type
image/x-icon
x-amz-id-2
KPi1mQUKstW+YVWAOLgsGfiumlHwhGXXqUdDYaBV5iqeC1e7P/VIoLvEM7VNMBXAztZxrZrkbF8=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
max-age=86400
x-timer
S1754966674.330278,VS0,VE0
via
1.1 varnish
x-amz-request-id
W6017VA82P74BMSE
accept-ranges
bytes
access-control-allow-origin
*
content-length
496
fastly-restarts
1
server
AmazonS3
LightboxHash-importable.client.web.b078b89fbe6425a556ca.js
assets.guim.co.uk/assets/ 		628 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/LightboxHash-importable.client.web.b078b89fbe6425a556ca.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1983d9a53b2a4c137ef02489e015a8dd4bf8f069c80e8622b960592d93228a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/LightboxHash-importable.client.web.b078b89fbe6425a556ca.js
etag
"b01cf7b14555baa45e658b598c69d918"
x-amz-version-id
vzVxC3XuTQD0W.6omOvDYBy4pq4eGQ2F
age
490185
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:29 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
4838
content-type
application/javascript
x-amz-id-2
jcOyQNc3Jf6BUB4gefr9dzZ+fioRt7vBIBhY1fwSvqdKmmdD+tsM2Dc8OeVnWfIg69l/NVr7fMVW/9Q+lMqJ6Ym7au7K+pod
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.324399,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
7BVY4J6TETT1QE06
accept-ranges
bytes
access-control-allow-origin
*
content-length
398
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
FocusStyles-importable.client.web.d1c63cea283ac4d17b27.js
assets.guim.co.uk/assets/ 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/FocusStyles-importable.client.web.d1c63cea283ac4d17b27.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fed35d9b6f4ba5f33542b58465249449b37424b0aca86f9ac797333eb11d0ad1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/FocusStyles-importable.client.web.d1c63cea283ac4d17b27.js
etag
"7ef8f1be0ee875402a4917616150e33d"
x-amz-version-id
OmvN7YpoNgRsxmXS55inFmRrBihxBowK
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:49 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5543
content-type
application/javascript
x-amz-id-2
8ExoGahFiYl4p7ooeixPUrcA7O6CwEKNAIKkkC2yn9/jLGS/oorGqy6rI81IbkJ7vyLtwFKjQeWgik6m0/dwA/uOhVWu5UP06JlY1EnwyDM=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.324591,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
HGYWP1M6TWEYQDWA
accept-ranges
bytes
access-control-allow-origin
*
content-length
553
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
AlreadyVisited-importable.client.web.e56194e3cce0c5b5c3b2.js
assets.guim.co.uk/assets/ 		604 B
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/AlreadyVisited-importable.client.web.e56194e3cce0c5b5c3b2.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7d22a85a515a14a12abd25429bd651cc137c0e434cd8cc7fd0615428509936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/AlreadyVisited-importable.client.web.e56194e3cce0c5b5c3b2.js
etag
"b6d664b3e551e428479e6c5239c61425"
x-amz-version-id
Pr8EF3PgSrOKtCS2ATUpBAhulx3yNnNH
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:44 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5575
content-type
application/javascript
x-amz-id-2
7YiPjskor07xnfdoNc1qT5IJ13vezifv4yaW4wBbgGhjfnXJRelwJXd08cKYnqsYqFxHVpUjyZrzKC+1zr13H5mPKJL0MUSSUT34DeeninY=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.324574,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
HGYKZ5FMKF0H48NF
accept-ranges
bytes
access-control-allow-origin
*
content-length
382
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
BrazeMessaging-importable.client.web.49f4cd7cf3df67423d70.js
assets.guim.co.uk/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/BrazeMessaging-importable.client.web.49f4cd7cf3df67423d70.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1d4b81b54f7f5723611087abe7c7668a86885c33df83ab99d984cbe2480db7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/BrazeMessaging-importable.client.web.49f4cd7cf3df67423d70.js
etag
"8889979e26636ec1cb75a832fe13ae45"
x-amz-version-id
Jx9blfp_otInTXPwfHQwQwyASJB.Yzg6
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:46 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5483
content-type
application/javascript
x-amz-id-2
Qduhz/6zOgnMtmzKsoBlA4mGKD/OFpVMChDZs0R3v03dHk7XQye95EBSMz2+UmCKW4Z5MPoZNgpdbSI39SXL9A==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.324556,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
HGYYMX94N1VGVSK2
accept-ranges
bytes
access-control-allow-origin
*
content-length
1607
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
ReaderRevenueDev-importable.client.web.0928147325d90c0d4cc4.js
assets.guim.co.uk/assets/ 		785 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/ReaderRevenueDev-importable.client.web.0928147325d90c0d4cc4.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aac1276da83832840f3298c4a68b8726cd65ea6a1844bb0329b378a0e9c5465b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/ReaderRevenueDev-importable.client.web.0928147325d90c0d4cc4.js
etag
"88de84b1c67b70b26d1a1f7fd4d71711"
x-amz-version-id
hDq_nkZBN7aIE0vhM08SFhnyixQ2197T
age
490208
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:32 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5533
content-type
application/javascript
x-amz-id-2
yZHRfcuckYYYCnquOk3l3Q6xSGyoRRMhQ2qLhAM/KGRpA7uTQ4Eu7V9RBJtbx886bin4ZOLY+1BMZmPFdqHmKykc/+KHmycFWsPgazShF+c=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.324828,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
5V7NB32TE9QC4S8A
accept-ranges
bytes
access-control-allow-origin
*
content-length
442
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
RichLinkComponent-importable.client.web.262f74b98392968ecc90.js
assets.guim.co.uk/assets/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/RichLinkComponent-importable.client.web.262f74b98392968ecc90.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eddf73ceef2aba5a4ccc91b7cc0a77ef2ea93cb242049b6e1b958a1404adeec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/RichLinkComponent-importable.client.web.262f74b98392968ecc90.js
etag
"406d0b2fab12e2f19c1149cc65c8f965"
x-amz-version-id
WYHVGwbpPwtWueJqP_tzGbC3KsTTiA3F
age
490185
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:33 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3520
content-type
application/javascript
x-amz-id-2
c5+Ll3Am5HAqyYV2VJgHUApdXE/k8l40NZT67DDv3dx5t/IjTwOZnY/51I/Xi1GEz2xu1CMuUqfZHph/uzcN3Q==
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.325514,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
7BVNBBWDHQJT8DVX
accept-ranges
bytes
access-control-allow-origin
*
content-length
5689
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
5545.jpg
i.guim.co.uk/img/media/a14afdbb4704d0c1753516bb009886d75295037d/1276_358_5545_4436/master/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/a14afdbb4704d0c1753516bb009886d75295037d/1276_358_5545_4436/master/5545.jpg?width=140&dpr=1&s=none&crop=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df90339eae1aae431750e46e088e56d112f5f4d594c1be3085406ef53be3e635

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=6460743 idim=5545x4436 ifmt=jpeg ofsz=3386 odim=140x112 ofmt=avif
x-amz-meta-bounds-y
358
etag
"Zip3sZDzUoev79fO9+c4qOjzg47j7/ziL/iiTv2DVVE"
age
4922
x-cache
MISS, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600076-LCY, cache-syd10126-SYD
x-cache-hits
0, 25
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
4436
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.344709,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
1276
accept-ranges
bytes
access-control-allow-origin
*
content-length
3386
fastly-io-served-by
vpop-etou8240196
x-amz-meta-bounds-width
5545
server
AmazonS3
x-amz-server-side-encryption
AES256
3120.jpg
i.guim.co.uk/img/media/b63793fab89d9248d7e07d9b0ad282f096e891cd/312_0_3120_2496/master/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/b63793fab89d9248d7e07d9b0ad282f096e891cd/312_0_3120_2496/master/3120.jpg?width=140&dpr=1&s=none&crop=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ef3732bd00d912fc059396811ff1d82fa44f515a9a2465668e5623580160d79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=1290448 idim=3120x2496 ifmt=jpeg ofsz=3698 odim=140x112 ofmt=avif
x-amz-meta-bounds-y
0
etag
"eiCam4HKt7b57o0l/6i/8DwQMOL5Acco960NdLEky7M"
age
41240
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/avif
x-served-by
cache-lcy-egml8630061-LCY, cache-syd10126-SYD
x-cache-hits
1, 95
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
2496
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.344844,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
312
accept-ranges
bytes
access-control-allow-origin
*
content-length
3698
fastly-io-served-by
vpop-etou8240193
x-amz-meta-bounds-width
3120
server
AmazonS3
x-amz-server-side-encryption
AES256
5600.jpg
i.guim.co.uk/img/media/1f412825683003dedfd261c1f378034552e32514/560_0_5600_4480/master/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/1f412825683003dedfd261c1f378034552e32514/560_0_5600_4480/master/5600.jpg?width=140&dpr=1&s=none&crop=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6d37b2e88a75cc5d399ec9553f95c6665485a40d9702e45672c465ab67bcc20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=8648238 idim=5600x4480 ifmt=jpeg ofsz=3242 odim=140x112 ofmt=avif
x-amz-meta-bounds-y
0
etag
"S9Elr7J65vzhK+wrBjsmxMzhOObgggyMVfXAtglL82g"
age
47263
x-cache
MISS, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600057-LCY, cache-syd10126-SYD
x-cache-hits
0, 104
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
4480
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.344860,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
560
accept-ranges
bytes
access-control-allow-origin
*
content-length
3242
fastly-io-served-by
vpop-etou8240194
x-amz-meta-bounds-width
5600
server
AmazonS3
x-amz-server-side-encryption
AES256
5921.jpg
i.guim.co.uk/img/media/3a8f8ff004b471c86436a8732df035ba609c3674/592_0_5921_4737/master/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/3a8f8ff004b471c86436a8732df035ba609c3674/592_0_5921_4737/master/5921.jpg?width=140&dpr=1&s=none&crop=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05f5b2367d4529d1c9a2674800a1284c2f42f996cd2fd5921c0d6aa8cdc18efe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=11019849 idim=5921x4737 ifmt=jpeg ofsz=5621 odim=140x112 ofmt=avif
x-amz-meta-bounds-y
0
etag
"rwnkjdVdLCQZH28D4snVmEC5/2wGWZ+D7+mQtp+limw"
age
271683
x-cache
MISS, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600098-LCY, cache-syd10126-SYD
x-cache-hits
0, 96
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
4737
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.345217,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
592
accept-ranges
bytes
access-control-allow-origin
*
content-length
5621
fastly-io-served-by
vpop-etou8240194
x-amz-meta-bounds-width
5921
server
AmazonS3
x-amz-server-side-encryption
AES256
2307.jpg
i.guim.co.uk/img/media/8a7142d7fb7d8d1f19955cd76e65ef2d651240cf/324_0_2307_1846/master/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/8a7142d7fb7d8d1f19955cd76e65ef2d651240cf/324_0_2307_1846/master/2307.jpg?width=140&dpr=1&s=none&crop=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef27c95c2ea9e25bb90dc613ef364f4c186966b5e5ce47fc8a26e547137e1bc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=670420 idim=2307x1846 ifmt=jpeg ofsz=3727 odim=140x112 ofmt=avif
x-amz-meta-bounds-y
0
etag
"X66Z+AL0dlk+JyMDzja/J9MMT7v9hwEVowgYQUMvxCU"
age
37216
x-cache
MISS, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/avif
x-served-by
cache-lcy-eglc8600049-LCY, cache-syd10126-SYD
x-cache-hits
0, 41
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
1846
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966674.345187,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
324
accept-ranges
bytes
access-control-allow-origin
*
content-length
3727
fastly-io-served-by
vpop-etou8240198
x-amz-meta-bounds-width
2307
server
AmazonS3
x-amz-server-side-encryption
AES256
ads-prescription-drugs-weight-loss-ozempic-legal-australia-ntwnfb.json
api.nextgen.guardianapps.co.uk/embed/card/australia-news/2024/nov/18/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/embed/card/australia-news/2024/nov/18/ads-prescription-drugs-weight-loss-ozempic-legal-australia-ntwnfb.json?dcr=true
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/MostViewedRightWithAd-importable.client.web.74b5e5acafc4a1c46fbe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b5d2256951508b0fe9ee6c6d93486339b4824ddd7bb531544e4527d2e35c82b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"hash-1669104306656835825"
age
0
x-cache
HIT, HIT
x-gu-frontend-git-commit-id
eebc8d6aa8308e7aafe1dd5835e04b6dcb33525d
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json
x-served-by
cache-lcy-eglc8600046-LCY, cache-syd10157-SYD
x-cache-hits
7209, 0
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
vary
Accept-Encoding,Origin,Accept
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private
x-timer
S1754966674.363735,VS0,VE268
x-gu-backend-app
onward
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.theguardian.com
content-length
1027
server
nginx
x-gu-geolocation
country:AU
7670.client.web.c109235ee181265050b0.js
assets.guim.co.uk/assets/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7670.client.web.c109235ee181265050b0.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca378393e1bf5f25c7fd6ccd611b27c003a0e334aaa09888fe81c0a34066244a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/7670.client.web.c109235ee181265050b0.js
etag
"4327cd984c9c4ab4cd544701843eb61b"
x-amz-version-id
zDTYutTCyu1WPMnalAtPXkpjBz4XCkhh
age
490210
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:39 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5508
content-type
application/javascript
x-amz-id-2
wRmlBEQjOP3Yq1+X3LFfBR6nrYOBEX1ApFPnJxvTfAAkH2rS7A//BGFXGxa666uoZzA0S229pOyhYrXEzmxUYJ+mZG261NWMCi+NvcVMuWs=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.366394,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
QSZYDVFWNYX6RXGT
accept-ranges
bytes
access-control-allow-origin
*
content-length
4897
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
StickyBottomBanner-importable.client.web.a61a4ca6bfc05e6ddf90.js
assets.guim.co.uk/assets/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/StickyBottomBanner-importable.client.web.a61a4ca6bfc05e6ddf90.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
059462645ceddcdf0c87bd17e7b44b6a09d2b6bc5167718420ccfec78c71b5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/StickyBottomBanner-importable.client.web.a61a4ca6bfc05e6ddf90.js
etag
"e6bcded746fc0ed5cc038b916e2384b2"
x-amz-version-id
9K4V3NuC8iWEOa7amTNv1egMjiNo7.kz
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 10:31:36 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5515
content-type
application/javascript
x-amz-id-2
IpriQZTFzFaHJhAF7huRiUAeMh2jjJXOp3XMQ5YGDk+CwHN8rflm/44ETUzd8QYRJuNXOuONnGJ7AWiVyJPSz0Soz29y0P0M
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.366487,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
HGYTXP0BQFCHVAZM
accept-ranges
bytes
access-control-allow-origin
*
content-length
5661
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
australia-ghost-stores-accc-warning-e-commerce-meta-shopify-ntwnfb.json
api.nextgen.guardianapps.co.uk/embed/card/australia-news/2025/jul/03/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/embed/card/australia-news/2025/jul/03/australia-ghost-stores-accc-warning-e-commerce-meta-shopify-ntwnfb.json?dcr=true
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/MostViewedRightWithAd-importable.client.web.74b5e5acafc4a1c46fbe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f8621e0cb34edfdaf60a34d80328e3689dfef410f30b0c9b4a8c9fb612180d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"hash-4576549533616166884"
age
0
x-cache
HIT, HIT
x-gu-frontend-git-commit-id
eebc8d6aa8308e7aafe1dd5835e04b6dcb33525d
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json
x-served-by
cache-lcy-egml8630042-LCY, cache-syd10157-SYD
x-cache-hits
7013, 0
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
vary
Accept-Encoding,Origin,Accept
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private
x-timer
S1754966674.369873,VS0,VE321
x-gu-backend-app
onward
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.theguardian.com
content-length
947
server
nginx
x-gu-geolocation
country:AU
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&adUnitWasHidden=false
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&scriptVersion=4.37.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.theguardian.com
allow
POST
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Tue, 12 Aug 2025 02:44:34 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 2886e4c3f0ae51eca00bc6ca8a0f5226.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
wIwkuZNgBbazXBuJLI8ALUqljaWeK2E0DSp8n4LJA1ZHL74uBpToOA==
x-amz-cf-pop
SYD3-P2
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-syd10157-SYD
x-timer
S1754966675.538438,VS0,VE203
pv-data
sourcepoint.theguardian.com/wrapper/v2/ 		190 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&scriptVersion=4.37.1&scriptType=unified
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
ffd47236f77ff61c2554dc7d42084f23237f9877f4bf18723c6242511a056ce4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-methods
GET, PUT, POST, DELETE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Miss from cloudfront, MISS
x-amz-cf-id
Ug-m53zJmymb3STYr6-8-UF7wgB9jPqj39h7y109nIsMmHnVey_Eug==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-syd10157-SYD
x-cache-hits
0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
no-cache, no-store
x-timer
S1754966675.745644,VS0,VE220
access-control-allow-credentials
true
via
1.1 2886e4c3f0ae51eca00bc6ca8a0f5226.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.theguardian.com
content-length
190
x-amz-cf-pop
SYD3-P2
x-powered-by
Express
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22CONSENT%22%2C%22id%22%3A%22ACCEPT_REJECT-1336553%22%7D%2C%22action%22%3A%22VIEW%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
graun.717.commercial.js
assets.guim.co.uk/commercial/c817039fb50f8c887ed9/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/c817039fb50f8c887ed9/graun.717.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f06a4374528cd212dbe1aa51c64f4b32c6210400c5c05ba4f905f65e04a3c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/c817039fb50f8c887ed9/graun.717.commercial.js
etag
"2feb8584985311c0eb6246b444b44e5b"
x-amz-version-id
gJTiXK_Te3TS6ybtGQrtFpvUyAOo3CTB
age
323785
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Fri, 08 Aug 2025 08:45:39 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3798
content-type
application/javascript
x-amz-id-2
UJvqjY2sfWNIHsEzMI667dm9R0fW712uo81eietYa1hpXv32zNRRSyooZscRChOosCEViLlvB79jcs0gbMkmUZKPaa04mDJA
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.540951,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
V1A8K02A9QAZ69DC
accept-ranges
bytes
access-control-allow-origin
*
content-length
3329
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.220.commercial.js
assets.guim.co.uk/commercial/b2344181310d8f7e1ea2/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/b2344181310d8f7e1ea2/graun.220.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c72f83f18a8ff341ac03034eb01a5fdcc4badd7c33937b2a6150e9e0e3e01cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/b2344181310d8f7e1ea2/graun.220.commercial.js
etag
"08fd82f4c277258de593c6a3c4a96c5a"
x-amz-version-id
56Izsz7sO_gH9k65ZjR1HL6uTYY65Tq8
age
323871
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Fri, 08 Aug 2025 08:45:39 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3792
content-type
application/javascript
x-amz-id-2
my4lOzwmdgp15Ktelc1IQ3zCiWXd7DVUeyeM8nLIMSeMohKkoiSmcEaTWTk86fRJj284NwSzKRvOTadyuV3BFV9Ap0ryjiSRkv+SSctiYig=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.541341,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
N476H2KV1P5K798Y
accept-ranges
bytes
access-control-allow-origin
*
content-length
18054
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.805.commercial.js
assets.guim.co.uk/commercial/480f15760042b39c35cc/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/480f15760042b39c35cc/graun.805.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21b831cec3fc7eb726ad7ccccbc610258cff1769504f9f07cd3479a1efdc3034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/480f15760042b39c35cc/graun.805.commercial.js
etag
"712fcf7bd57a509c5562ca179f0ec941"
x-amz-version-id
u9KNoHFC59Q5Qgd6bFFlbTQUyr05vxgL
age
55471
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Mon, 11 Aug 2025 11:19:01 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
807
content-type
application/javascript
x-amz-id-2
/J/kiHvyNZLIuKwZqAIgM0nCIDUj3CtzP+8gNfk8J42P6jUrmFdSyCDwGc2PTki91aJHfRHr67Y=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.541444,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
2SXFN741WA17G5XK
accept-ranges
bytes
access-control-allow-origin
*
content-length
24242
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.consented-advertising.commercial.js
assets.guim.co.uk/commercial/c23ffa85864e55b85990/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21e0ccde962ff5e37d65c0e4ad2af8b06832f2ba506470324d2f2feb5091f376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
etag
"1a16bb48a78b1c66a59be65d49124c28"
x-amz-version-id
e9ou35GJt5id1fj7gna.GYAULBGwTVos
age
55444
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Mon, 11 Aug 2025 11:19:01 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
803
content-type
application/javascript
x-amz-id-2
FKISce4j7VoX02Jj04GY/Y3ZoaYKYnyR/fXHySfe4pcX0p524TCV65U+0N62ENby5RLhaVp+QpY=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.541568,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
4T88R9WN4ME4GYS0
accept-ranges
bytes
access-control-allow-origin
*
content-length
16239
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&consentJurisdiction=AUS&consentUUID=&consent=true
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
banner
contributions.guardianapis.com/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/4790.client.web.9f94d69b1be9d2375278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
612d0451f5f248a2044075d6052f22bf4e93f319b0073e0d5d518baec53c411a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"1c25-rd2YG0K+KU9YMtIqFpirTj8IK34"
x-timer
S1754966675.844744,VS0,VE298
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.theguardian.com
x-cache
MISS
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
x-served-by
cache-syd10157-SYD
x-cache-hits
0
vary
Origin, Accept-Encoding
banner
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Tue, 12 Aug 2025 02:44:34 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-syd10157-SYD
x-timer
S1754966675.543408,VS0,VE298
index.html
sourcepoint.theguardian.com/ Frame C875 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ad054aa93c5272eda509811ca917d26a37898bb98bfe23e91db65205650ebef
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
22
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Tue, 12 Aug 2025 02:44:34 GMT
etag
W/"8f1f6e18417a88d37f47ac80ad197d7e"
last-modified
Thu, 31 Jul 2025 15:53:07 GMT
server
AmazonS3
strict-transport-security
max-age=300
vary
accept-encoding, Accept-Encoding
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
bNTU77SzvThaaBm2OChYRQ1ZvMES8GCyQQNVBzqEZA1tFWz1KvKS8A==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-served-by
cache-syd10126-SYD
x-timer
S1754966675.547716,VS0,VE1
/
marketingplatform.google.com/about/enterprise/
Redirect Chain
  • https://www3.doubleclick.net/
  • https://marketingplatform.google.com/about/enterprise/
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://marketingplatform.google.com/about/enterprise/
Protocol
H2
Server
142.250.66.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f14.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

Redirect headers

cache-control
public, max-age=1800
location
https://marketingplatform.google.com/about/enterprise/
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 03:14:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
sffe
au
www.theguardian.com/
Redirect Chain
  • https://www.theguardian.com/
  • https://www.theguardian.com/au
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/au
Protocol
H2
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"hash-8449692660814617193"
age
0
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-gu-frontend-git-commit-id
d8abf9a7e2b227899d2a54420a1e49662b7559c8
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/html; charset=UTF-8
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
link
<https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1>; rel=prefetch,<https://assets.guim.co.uk/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js>; rel=prefetch,<https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js>; rel=prefetch,<https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js>; rel=prefetch,,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
content-security-policy
upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
x-gu-edition
au
x-timer
S1754966675.552206,VS0,VS0,VE0
x-gu-dotcomponents
true
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/au
referrer-policy
no-referrer-when-downgrade
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=(), clipboard-read=()
accept-ranges
bytes
content-length
135270
x-xss-protection
1; mode=block

Redirect headers

age
0
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Tue, 12 Aug 2025 02:44:34 GMT
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
cache-control
max-age=0,no-transform
retry-after
0
location
/au
x-gu-edition
au
x-timer
S1754966675.547906,VS0,VS0,VE0
referrer-policy
no-referrer-when-downgrade
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=(), clipboard-read=()
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
Notice.b88d6.css
sourcepoint.theguardian.com/ Frame C875 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.b88d6.css
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9cf3aea4e86137684d918f1ef8b06cdadbfd1e4127ebc9af8daacb8838265df
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1

Response headers

content-encoding
gzip
etag
W/"0731f95fe54392a03f3c9930627a5114"
age
2907
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Hit from cloudfront, MISS
x-amz-cf-id
VBkjFA3Bdz_z2lWIlt6FDyjv1mv1lVvyFKeu7DST-nnMyfYxo_3W_A==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/css
x-served-by
cache-syd10126-SYD
x-cache-hits
0
last-modified
Thu, 31 Jul 2025 15:53:06 GMT
vary
accept-encoding, Accept-Encoding
strict-transport-security
max-age=300
cache-control
max-age=3600
x-timer
S1754966675.557546,VS0,VE1
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
polyfills.01516.js
sourcepoint.theguardian.com/ Frame C875 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/polyfills.01516.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1

Response headers

content-encoding
gzip
etag
W/"89661b8fd918815bcb224bba79cabab1"
age
223
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Hit from cloudfront, MISS
x-amz-cf-id
XHSvpJ1X9O-873BFkYpMLfeHXdv5E2P94xUVqOjHNg7c84NmLWqtcw==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript
x-served-by
cache-syd10126-SYD
x-cache-hits
0
last-modified
Thu, 31 Jul 2025 15:53:07 GMT
vary
accept-encoding, Accept-Encoding
strict-transport-security
max-age=300
cache-control
max-age=3600
x-timer
S1754966675.557742,VS0,VE4
via
1.1 1756a318e802526c12a1158627f4728e.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
Notice.80599.js
sourcepoint.theguardian.com/ Frame C875 		351 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.80599.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8f240f1c820e83bbd9da86241c6eca3ff7ae0101a02e3fb87997a890fc01b0c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=1336553&consentUUID=null&preload_message=true&version=v1

Response headers

content-encoding
gzip
etag
W/"3fd0d11dc1b7776444f49f9797da5d45"
age
2841
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
Hit from cloudfront, MISS
x-amz-cf-id
SENJ4vb3QkC6QKJkXHnMvineruAU0tEgyGThZPSAEYrwwkSCE3e96g==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript
x-served-by
cache-syd10126-SYD
x-cache-hits
0
last-modified
Thu, 31 Jul 2025 15:53:06 GMT
vary
accept-encoding, Accept-Encoding
strict-transport-security
max-age=300
cache-control
max-age=3600
x-timer
S1754966675.557723,VS0,VE1
via
1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer

Response headers

content-encoding
br
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
age
0
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lcy-egml8630086-LCY, cache-syd10126-SYD
x-cache-hits
0
vary
User-Agent, Accept-Encoding
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
x-timer
S1754966674.890765,VS0,VE270
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
152
frameworks.client.web.08a4f0f5eb5f6aab0bee.js
assets.guim.co.uk/assets/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.client.web.08a4f0f5eb5f6aab0bee.js
etag
"c16c30d4db3ca51f0405be87ef5a5e4d"
x-amz-version-id
pheHLOmly0gB9cioeDeyDi2CC8LUN98F
age
490203
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Wed, 06 Aug 2025 10:31:39 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
6577
content-type
application/javascript
x-amz-id-2
hJTIPUPKrthKcUcQ0/cOe/R4K6F4pdLA4jdGaypOQxlj1aj2hrBau2vWwgDY5QYJlqgqValafeZTFzRtccZ7kQ==
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.897712,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
PQ48F830Y7K8D3YT
accept-ranges
bytes
access-control-allow-origin
*
content-length
20324
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
index.client.web.5805dd79c70fc1de5fea.js
assets.guim.co.uk/assets/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/index.client.web.5805dd79c70fc1de5fea.js
etag
"e00b92c82f5a689169a68106a523c675"
x-amz-version-id
Hpp0UresH07tvC1EYtMhoMVM580KHwMw
age
39799
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Mon, 11 Aug 2025 15:39:07 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
789
content-type
application/javascript
x-amz-id-2
6bOg2/HDp4CGxxMuiBtXYIJgFUAyGhCo7/p9xNjtiVosaRYdbaZHRgJWb7J9TASEOudDwXMw0DRe+cmXTTQ/wA==
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.897557,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
WN26SD83DHRG3J8H
accept-ranges
bytes
access-control-allow-origin
*
content-length
42938
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.standalone.commercial.js
assets.guim.co.uk/commercial/c82f1f518d37041a4261/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
etag
"e38be5c50e7db392aa10b97eb28d5ab7"
x-amz-version-id
OuqLLdTl57o49s1lKh.vkSqZKi67eOzC
age
55439
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:33 GMT
last-modified
Mon, 11 Aug 2025 11:19:01 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
922
content-type
application/javascript
x-amz-id-2
oGZr8G0XM5H8Zg4m9hJCCGXrp7iyEAVzJKu7cqpx8U0vLzqDS9AfvJXlZiBEyYtSyoma1PugLb+r0wl8L966JRpEbvKbc2LQll00qq1Er1Q=
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966674.910792,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
9VPTAA4F8193JJYB
accept-ranges
bytes
access-control-allow-origin
*
content-length
13708
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:34 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:36 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
config.js
cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/ 		258 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c817039fb50f8c887ed9/graun.717.commercial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.90 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77893f1c3e94777f061ccb1e400ae0595179044b4747a5ef701702cbd61c10b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"efb5f090140e5074674ed42bd85d5cb9"
age
344
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript
last-modified
Tue, 12 Aug 2025 02:19:04 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
UeWEtvQiIGbH3aMz0eZ6nWusQKuW+wrfv54uTlfCS2FEwxAxZkXzPxCLwY457VnTEgQhvaHJ9Pg=
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
96dca1b439cd486c-SYD
x-amz-request-id
7HXMBCVCRHBVTVT4
accept-ranges
bytes
content-length
56829
server
cloudflare
x-amz-server-side-encryption
AES256
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Server
18.67.93.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-39.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
386a95ac998b3935b9e00f9efcb7845fc32eb675cb38e66477b3dc744dfcc55c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"b76779fa4f009d09c2925c8833b1b0df"
age
39102
via
1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
nHuPzh7mP65bKpgOvSaIUsrlE-rRIf4dLsvIE7hpqRy1S4p-1lgJJw==
date
Mon, 11 Aug 2025 15:52:53 GMT
content-type
text/javascript
last-modified
Wed, 30 Jul 2025 13:25:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/default/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
CF44YiL95bXdLo9MMlz6oq7lQRbZevtZcFv2ilIi0S-eyAqvdSRRmQ==
date
Tue, 12 Aug 2025 02:44:34 GMT
x-amz-cf-pop
SYD62-P1
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c817039fb50f8c887ed9/graun.717.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.201 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-amz-id-2
mADxwYHlbtV8pQcz/U6ZZY8/4j+R3xNGkDroHY8dkJuPzjUiscGSx/WqBcbYMSG6qAhCL0uI6HY=
cache-control
private, max-age=3600
content-encoding
br
etag
"d86492df4bad2a485597bfa437c78ad2"
x-amz-version-id
IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
x-amz-request-id
8J86C1Q7BZ42GCFB
accept-ranges
bytes
content-length
3393
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 28 Feb 2024 14:26:38 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
graun.916.commercial.js
assets.guim.co.uk/commercial/943c3b039f77db255f85/ 		140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e96654a0a9b924f39771b41c3eb84da970076dc0196fe6e8d853f7a530e21b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/943c3b039f77db255f85/graun.916.commercial.js
etag
"c7130655ed1a75262c3b92b4c2f762aa"
x-amz-version-id
v1akZV8KbGWC8ww1q1ZBptIbXvW4EfS_
age
654859
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Mon, 04 Aug 2025 12:49:02 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
7149
content-type
application/javascript
x-amz-id-2
Psv0GC4qJVeOW5VxWebLlDcs2KZFhKZMaJiniIpi58a9CFtZxwnchmVw9c0B3ye176tKZ+kgkhI=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.585692,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
QEP99FWGBDWARG27
accept-ranges
bytes
access-control-allow-origin
*
content-length
46605
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.66.commercial.js
assets.guim.co.uk/commercial/23b656b35dd823e08942/ 		217 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/23b656b35dd823e08942/graun.66.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc36d12d5ae98d47c7f018cbc06d80c950114905ec84091ed931f4e14dfad1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/23b656b35dd823e08942/graun.66.commercial.js
etag
"379b6fe8493c95b74df9080e7d21ff6c"
x-amz-version-id
k3p4vGXIwZv7B1p8UjjdLmXwBotTEZBH
age
497993
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 06 Aug 2025 08:22:54 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5610
content-type
application/javascript
x-amz-id-2
S+HqweQzCPngyKTMUW/M5oJ8mjPvKaOP9MFf3fAld4VvKHZ2OFaqoXxxSBo4diaDs/uni0amXLw=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.585776,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
XNV2NHGGTYD3PED5
accept-ranges
bytes
access-control-allow-origin
*
content-length
65263
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
graun.Prebid.js.commercial.js
assets.guim.co.uk/commercial/147220d95ab9a68f73da/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/147220d95ab9a68f73da/graun.Prebid.js.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c82f1f518d37041a4261/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00faace973789b38e775a279eefc085b984e89d2cffd67ef275d8a31f7b80558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/commercial/147220d95ab9a68f73da/graun.Prebid.js.commercial.js
etag
"b1adc14b2124d9d842045d16ebe62081"
x-amz-version-id
itJzyCzNNd4WjM1GjXk2tKwLsWZvMLcC
age
323864
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Fri, 08 Aug 2025 08:45:39 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
3370
content-type
application/javascript
x-amz-id-2
qO8U/KeXqsRNCgMapCFzrMcmpi1jcCr97KlV3WpnW9hFb46TWIOkkLA95NtaZPCT7YzX+HXD6/+BcgiAl3wAob4zOxOt5umoF/qhIQPZ0oo=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.585850,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
7J2FA9SDBYD9AWA3
accept-ranges
bytes
access-control-allow-origin
*
content-length
2403
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
apstag.js
c.amazon-adsystem.com/aax2/ 		331 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
856fbabc6c5ab42cee6104b14b6bfebc9dc5e91b44bedd5038e94632b69e9731

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"37debc9b7d063fec2c484dd9812c1170"
age
1802
via
1.1 f030a50431b0b5e5e9f61b56d387c5cc.cloudfront.net (CloudFront), 1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
AMLNAwxfLVNGAUhWMQjPeDl5csLDs0CiUEOn3sXqQrZAi8q3yuZnlg==
date
Tue, 12 Aug 2025 02:14:33 GMT
content-type
application/javascript
x-amz-cf-pop
SYD3-P3, SYD62-P3
server
AmazonS3
last-modified
Mon, 11 Aug 2025 20:14:23 GMT
x-amz-server-side-encryption
AES256
door.js
au-script.dotmetrics.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?d=www.theguardian.com&t=australianews
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c817039fb50f8c887ed9/graun.717.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
d5b380328ea701726f4843ecaf8f8b02c18db5329fd5d89ad46611a6bdc50692

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
private
content-encoding
br
etag
".www.theguardian.com.australianews.345.2025081202"
via
1.1 cab8093de9e922f6aac9f66e51afc0cc.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
_bCFFiOWP5W6vvYTV4GdersqUMznzFzEzKSFTsHvja1EgDdiIXeN_w==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
SYD1-C1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c817039fb50f8c887ed9/graun.717.commercial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
10049dc570bb48127523467e4434db0885fe91e61ddf4541d87a4f88f421ca46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
etag
520 / 20312 / m202508070101 / config-hash: 2268784260837664288
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 02:44:34 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34976
x-xss-protection
0
server
cafe
ggcmb510.js
secure-dcr.imrworldwide.com/novms/js/2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-dcr.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.22.212 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-22-212.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
"67a0e409-112a"
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-length
4394
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/javascript
last-modified
Mon, 03 Feb 2025 15:43:05 GMT
server
nginx
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-au.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Protocol
H2
Server
108.158.32.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-77.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7d9d31eb31a78c9459a92688654d8d486ab4dc523daedef425e75c593387d23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
x-amz-version-id
x3GiO59lVsw5MRHVLYUm3rm8gIyqbADh
etag
W/"c013b5fa217bfca5f33413a88c921ab5"
age
37255
via
1.1 1756a318e802526c12a1158627f4728e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
nid0WnPogL5BasQzn3VOSKzSWKZGkkRykFfhE_uHTOs4hIO-VDXDVg==
date
Mon, 11 Aug 2025 16:23:41 GMT
content-type
application/javascript
last-modified
Tue, 21 May 2024 14:03:42 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256

Redirect headers

location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
text/html
server
awselb/2.0
conversion_async.js
www.googleadservices.com/pagead/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.70.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s02-in-f2.1e100.net
Software
cafe /
Resource Hash
eea12cfcf3fc0ba1342b082b3298d83c99b68bf884d2d72a9742f9d17047ac96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
etag
7227777693600859688
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 02:44:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
23064
x-xss-protection
0
server
cafe
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
cdn.permutive.com/ 		1 MB
338 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.109.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac9c722182c61d0cdbdb23e9a796380225ca80c6f7d82aa40fde78eaec62ec5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=ni/VNA==, md5=ZQhWZY1biEMdyG7Tha/Eeg==
etag
"650856658d5b88431dc86ed385afc47a"
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
cf-cache-status
HIT
age
0
x-goog-stored-content-encoding
br
expires
Tue, 12 Aug 2025 02:59:34 GMT
x-goog-stored-content-length
345396
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/javascript
last-modified
Mon, 11 Aug 2025 12:13:21 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABgVH88Diexgj8pqkOoyoDW8GAWV6Ber9Z9YBQrPSV_jhgg5DeUFTFbFc2VlWkoFgHUJmB-z
cache-control
public, max-age=900
timing-allow-origin
*
x-goog-storage-class
REGIONAL
cf-ray
96dca1b49d44a7ef-SYD
accept-ranges
bytes
x-goog-generation
1754914401711511
content-length
345396
server
cloudflare
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-102.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcf00cd9560807936e43f98d96521848750ca505b08849a58d00e13cc0172519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding
Content-Encoding
gzip
ETag
W/"8154739d59f60027b338aff6bcd17698"
Age
45649
Connection
keep-alive
Via
1.1 03b68196a4924b2e14289edfecca0cae.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
_JoSaxieF_C9RJV5c_WGqgLG1vCdE8raIowWIK92KeLZL14W7KkEsw==
Date
Mon, 11 Aug 2025 14:03:46 GMT
Content-Type
application/javascript
Last-Modified
Wed, 26 Feb 2025 14:29:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD3-P1
x-amz-server-side-encryption
AES256
e96d04c832084488a841a06b49b8fb2d.js
cdn.brandmetrics.com/survey/script/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.90 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5565c67a94c08ec83f4419671dfe64d0b0b0073117ac7c40426fc319c1568aa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
public, max-age=3600
content-encoding
gzip
cf-cache-status
HIT
age
2273
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Tnj8SpSRRNNVkIPJn4I0a2616enYWMTbilp2fpNRmV%2F3PxKHj5QmzkAE45MGKIwq8C73wv77zmbnW9HgG1Kg4I8Jvypf1At1ZtC5OeFHmSBwVLo%3D"}]}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
96dca1b4dbe157d5-SYD
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript;charset=utf-8
last-modified
Tue, 12 Aug 2025 02:06:41 GMT
server
cloudflare
vary
accept-encoding
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:36 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
prebid
id5-sync.com/api/config/ 		194 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
521a92350068f6c991fc90a2d27d61d798d330edd0b9682b8dee007407ad264f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://www.theguardian.com
p3p
CP="CAO PSA OUR"
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
fpc
at.teads.tv/ 		0
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_2167&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1YNN&shared_ids=&sv=90769f5&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.105 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 12 Aug 2025 02:44:34 GMT
Access-Control-Allow-Origin
https://www.theguardian.com
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:34 GMT
Content-Type
text/plain; charset=UTF-8
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202508051250/ 		362 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202508051250/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.90 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af774b086388ae8760744f484d6277ee45760c64903eab0d9d63ff837eb3086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b76b3741190230b4fa176d1693b8d7ca"
age
286865
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Aug 2025 16:51:33 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
8oc4sFfD7jxQlOtanNOA0tmVjZWOMt7kjJe/rkrd++icMY2olYO+oLv2JSqse7TuT/+amvA+HBo=
cache-control
public, max-age=31536000
cf-ray
96dca1b50b5c486c-SYD
x-amz-request-id
BSY96YCGBHR83CVQ
accept-ranges
bytes
content-length
129970
server
cloudflare
x-amz-server-side-encryption
AES256
3722
config.aps.amazon-adsystem.com/configs/ 		531 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3722
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.175.115.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-175-115-46.syd3.r.cloudfront.net
Software
CloudFront /
Resource Hash
a4d6d108f7f9d3c92017235e5fbc52eebf8542b63fd2cb652627f17909918587

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
max-age=3600
age
32
via
1.1 9049752a317b6441e01ea2fcca4bca50.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
kUoY6g4rG1jf357X2pxdetX32w5wiabSYxUjSCgjnqj69EUX0R5Zvg==
date
Tue, 12 Aug 2025 02:44:02 GMT
content-type
application/javascript
x-amz-cf-pop
SYD3-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3722&u=https%3A%2F%2Fwww.theguardian.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
Server /
Resource Hash
4a57931c7debc741241f46ea281594a1f42cb2911cd7c7c468c68e1e72e35dec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
max-age=21550, s-maxage=21600
age
7688
access-control-allow-credentials
true
via
1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.theguardian.com
x-cache
Hit from cloudfront
content-length
1477
x-amz-cf-id
SESxa3ViZrvXL6I7px4aFUvDMtCaKPuixkrCVwIm_fiaUR-4U6kS5w==
date
Tue, 12 Aug 2025 00:36:25 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
SYD62-P3
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
67492
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
KARjFA7aOsmBY95K1v51g9ned4c-OereSxLNypi1ufRnyA9vrwh1tA==
date
Mon, 11 Aug 2025 07:59:43 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 aeb2692086ca3fc7d14822f811ae17a0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD62-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/ Frame C875 		464 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4deb8b98e5ce51144ce980707d596608be453de89423be3addfcd9beeaf45086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
GTGuardianTitlepiece-Bold.woff2
interactive.guim.co.uk/fonts/garnett/ Frame C875 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://interactive.guim.co.uk/fonts/garnett/GTGuardianTitlepiece-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edd12e6fa14355f432e7071326eb15fc600f3099ac0485a972cd2a80880c6d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://sourcepoint.theguardian.com
Referer
https://sourcepoint.theguardian.com/

Response headers

access-control-expose-headers
Date
x-amz-version-id
null
etag
"ec26e97636dac18945f3a7ee4fd87032"
age
38122
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 18 Nov 2020 17:26:07 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
169
content-type
application/octet-stream
x-amz-id-2
rLSYh8kNsVs5b1cwco6IOhRKG8Wv3xGe8XaAGnZ2OykyyskaCwQIRHo/xYLk5/SGDBh2G/vvrBZXlDZM2adDImgQQhy0i1Irewpi5NTef0M=
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
strict-transport-security
max-age=31536000
cache-control
public,max-age=604800
x-timer
S1754966675.798825,VS0,VE0
x-amz-meta-creator
Cyberduck
via
1.1 varnish
x-amz-request-id
BRA8A38J0HN6XQPM
accept-ranges
bytes
access-control-allow-origin
*
content-length
26504
server
AmazonS3
GuardianTextSansWeb-Regular.woff2
interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/ Frame C875 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/GuardianTextSansWeb-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa2ee0bb51dae9640fe999becb0881b75f544a647068a208bcb2fec2146cd7d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://sourcepoint.theguardian.com
Referer
https://sourcepoint.theguardian.com/

Response headers

access-control-expose-headers
Date
x-amz-version-id
null
etag
"42edb0793116210cd6ee2fde2debe92f"
age
29541
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Thu, 16 Aug 2018 16:27:39 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
173
content-type
application/octet-stream
x-amz-id-2
ZqeBQ+pfI5h02qu7D+/FICTsLrVLsKofR/DPB5GfOF50uH7TsB9PDaJSXT81ID3JzxA4uU8EvfIurnA7/SVRBdZAoMVvqJcm
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
strict-transport-security
max-age=31536000
cache-control
max-age=302400
x-timer
S1754966675.798871,VS0,VE0
via
1.1 varnish
x-amz-request-id
PFQAYMFC7TC2FG09
accept-ranges
bytes
access-control-allow-origin
*
content-length
35868
server
AmazonS3
GuardianTextSansWeb-Bold.woff2
interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/ Frame C875 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/GuardianTextSansWeb-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98a6ba8081d2c2dd28a5c7b7efa6f80bf1e9ea513d5d77ecca6a699b21f7a2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://sourcepoint.theguardian.com
Referer
https://sourcepoint.theguardian.com/

Response headers

access-control-expose-headers
Date
x-amz-version-id
null
etag
"7b29fbe222ef6f546085ef8cbc69a4e0"
age
164726
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Thu, 16 Aug 2018 16:27:39 GMT
x-served-by
cache-syd10157-SYD
x-cache-hits
880
content-type
application/octet-stream
x-amz-id-2
6N+Kw3x4b7uoAmOu3OzVDTMFPzJxzmexJLLhP0cCHbczTAwPhEdUaTrCwno3+70KkWJRT/rzxBdjXFNGYjAFLmBKYuTYIJ6VxpFBJ9oevcU=
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
strict-transport-security
max-age=31536000
cache-control
max-age=302400
x-timer
S1754966675.798894,VS0,VE0
via
1.1 varnish
x-amz-request-id
71TC6SXYVTEWVNWV
accept-ranges
bytes
access-control-allow-origin
*
content-length
39500
server
AmazonS3
hit.gif
au-script.dotmetrics.net/ 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=5804&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&dom=www.theguardian.com&r=1754966674788&pvs=1&ecid=f185aa7b-e41b-4320-bb58-b63be28c271b&dc=266addd3-21a4-440d-836f-82f3f2554787&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fd%3dwww.theguardian.com%26t%3daustralianews&dfph=&ver=345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
dotmetrics-hit-status
01 OK
via
1.1 cab8093de9e922f6aac9f66e51afc0cc.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
KkH2S3AVeUzcxvdB3RQOG93VutPDxin2mmAZlRC5LBeDy-lgpfGP2A==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/gif
x-amz-cf-pop
SYD1-C1
server
Kestrel
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=5804&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&dom=www.theguardian.com&r=1754966674788&pvs=1&pvid=f185aa7b-e41b-4320-bb58-b63be28c271b&c=true&tzOffset=-480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.175.115.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-175-115-111.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

vary
accept-encoding
cache-control
max-age=86400
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
age
38933
via
1.1 b089b00224a18e318b083bd54ec53538.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
807
x-amz-cf-id
gSBhOmA_vywxkj13A_seuqHrzpBQjzetXWMXi5eLGi5lm-xTZ6w3ow==
date
Mon, 11 Aug 2025 15:55:42 GMT
content-type
image/gif
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P3
x-amz-server-side-encryption
AES256
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.142.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-142-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
45bc6978e281a938d9485dcbf0859159b24e2f7c9b8b0fafc120b9606e0ea8b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"10ab4-63a0ee37f7c40-gzip"
expires
Tue, 12 Aug 2025 02:59:34 GMT
accept-ranges
bytes
content-length
21994
date
Tue, 12 Aug 2025 02:44:34 GMT
last-modified
Wed, 16 Jul 2025 17:04:41 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
id5-api.js
cdn.id5-sync.com/api/1.0/ 		106 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.169.55 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e054e8ba11b0c11c9443970118657c6dfc43e76ae01f75246efeb1f80ebe7e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-amz-id-2
6K3YH7E7SIRF95lyoN93o4v5BqGq2YtoK6WLwyeom68+KGeeCLqGtAxyA/v/IBw6ddb7l2D7DBA=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"eea3e91e904db177468d4bef91dcdf05"
age
987
x-amz-request-id
SSE2FGTMNW2EZ9AD
cf-ray
96dca1b59915aac4-SYD
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript;charset=utf-8
last-modified
Tue, 29 Jul 2025 12:29:41 GMT
vary
accept-encoding
server
cloudflare
x-amz-server-side-encryption
AES256
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.90 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8c188bef0d0ba0250d225ce3ece84d7857805d7332f323ef4d4e4fc1defe9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
public, max-age=3600
content-encoding
gzip
cf-cache-status
HIT
age
2273
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fM8jApKYeXUkVLOLfLGHmGmAtTl5b%2BBJtQSyvlw5Lz9Jf6AKLPy2ZhwLfgbZwLB1zIr3LpMP03sc2elVOA6XCeOjlbltSkFgnPXSlHGnfQxA37A%3D"}]}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
96dca1b58d3657d5-SYD
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript;charset=utf-8
last-modified
Tue, 12 Aug 2025 02:06:41 GMT
server
cloudflare
vary
accept-encoding
2953.jpg
i.guim.co.uk/img/media/561034a5377cc51a8759ae81976764e7828ec6c2/0_170_2953_1772/master/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/561034a5377cc51a8759ae81976764e7828ec6c2/0_170_2953_1772/master/2953.jpg?width=460&quality=85&auto=format&fit=max&s=9780c5f4ec3839bfaa67951d715b98b7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c97001b618aa83c2992b6d72d06aa6a13ccc925ea0153d1202c158583ba4eea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=2408151 idim=2953x1772 ifmt=jpeg ofsz=34984 odim=460x276 ofmt=webp
x-amz-meta-bounds-y
170
etag
"wR6pbqC6ZCVU51sufKWL6APLcxs0qL1arPMlF5FOX3M"
age
1805234
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/webp
x-served-by
cache-lcy-egml8630072-LCY, cache-syd10126-SYD
x-cache-hits
6, 0
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:3
cache-control
max-age=31536000
x-amz-meta-bounds-height
1772
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966675.806031,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
34984
fastly-io-served-by
vpop-etou8240195
x-amz-meta-bounds-width
2953
server
AmazonS3
x-amz-server-side-encryption
AES256
4429.jpg
i.guim.co.uk/img/media/214319d1c2ea12a9b91a8c889855ce2189e56230/401_0_4429_3543/master/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/214319d1c2ea12a9b91a8c889855ce2189e56230/401_0_4429_3543/master/4429.jpg?width=460&quality=85&auto=format&fit=max&s=62ddb9d4f233e51fe9d9f5c1cbb6df7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5c2836f46594ac76fb9362972a39dd60140ce4553f39bf8cf89558cc51e5a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

fastly-io-info
ifsz=4444685 idim=4429x3543 ifmt=jpeg ofsz=20558 odim=460x368 ofmt=webp
x-amz-meta-bounds-y
0
etag
"VRgQygncNaYEvmyc1IOQZauuTLTqVosBX5QBX8agOKM"
age
1339784
x-cache
HIT, HIT
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
image/webp
x-served-by
cache-lcy-egml8630060-LCY, cache-syd10126-SYD
x-cache-hits
2, 597
vary
Accept, Accept-Encoding
fastly-stats
io=1
x-amz-meta-aspect-ratio
5:4
cache-control
max-age=31536000
x-amz-meta-bounds-height
3543
timing-allow-origin
https://www.theguardian.com
x-timer
S1754966675.806117,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-meta-bounds-x
401
accept-ranges
bytes
access-control-allow-origin
*
content-length
20558
fastly-io-served-by
img03-europe-west3
x-amz-meta-bounds-width
4429
server
AmazonS3
x-amz-server-side-encryption
AES256
ab79135a-6ed8-45c3-a0e9-e03ddf38b4cf
https://www.theguardian.com/ Frame FE48 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/ab79135a-6ed8-45c3-a0e9-e03ddf38b4cf
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202508051250/wrap.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5b05481e12ae47fd0c27456f5c60ce8adaddc9ebffcf798c694b238288b564

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
application/javascript
Content-Length
2982
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_fpcu=5b93acdf5fe74dcc9023b3dc7271727d&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1754966674936&ns_c=UTF-8&cs_cfg=1101110&cs_ucfr=1&comscorekw=austra...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_fpcu=5b93acdf5fe74dcc9023b3dc7271727d&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1754966674936&ns_c=UTF-8&cs_cfg=1101110&cs_ucfr=1&comscorekw=austr...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_fpcu=5b93acdf5fe74dcc9023b3dc7271727d&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1754966674936&ns_c=UTF-8&cs_cfg=1101110&cs_ucfr=1&comscorekw=australia-news&c7=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c8=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&c9=
Protocol
H2
Server
18.67.93.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-39.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

via
1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
nNMxa6mwZNR7BoOVO_pHyipSSIO4yvZ8Ux9sLC4xY2mAmCCjRRcMjw==
date
Tue, 12 Aug 2025 02:44:35 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1

Redirect headers

location
/b2?c1=2&c2=6035250&cs_fpcu=5b93acdf5fe74dcc9023b3dc7271727d&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1754966674936&ns_c=UTF-8&cs_cfg=1101110&cs_ucfr=1&comscorekw=australia-news&c7=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c8=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
N29FEOZRWvNBxThiG74w1n3MKMZT40p7VE-nwKYufyv1K5WYcfJQZg==
date
Tue, 12 Aug 2025 02:44:35 GMT
x-amz-cf-pop
SYD62-P1
ab4419b6-d507-471c-ac7a-aba89a73f19c
https://www.theguardian.com/ 		0
0
script.js
au-script.dotmetrics.net/Scripts/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=345
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?d=www.theguardian.com&t=australianews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
52da95e00abf3bb0158842b3cf087914764b356156931de79cb3e06388d63977

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
etag
"1dbfae81047c640"
via
1.1 cab8093de9e922f6aac9f66e51afc0cc.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
NfgXYZcVMPn1-ZaAzbW_72Bzg_FD6ee2nuf89zMwe8h8beGon2gTjA==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
text/javascript
last-modified
Tue, 22 Jul 2025 09:07:35 GMT
server
Kestrel
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com&rnd=2373528
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:34 GMT
Content-Type
text/javascript;charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/?random=1754966674992&cv=9&fst=1754966674992&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tiba=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
318ecbb9e0be4de4c525832c14a4465911b6e6ca7f73ea23e30ea0de7cee4f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2046
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/ 		575 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
7017ec7b6eabd401a406fb6a7358c9cab577ec04eae96996292be119e6ef0d75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
etag
11161755793691178870
age
57093
x-content-type-options
nosniff
expires
Tue, 11 Aug 2026 10:53:02 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 11 Aug 2025 10:53:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
186736
x-xss-protection
0
server
cafe
pxid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/ 		46 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/pxid?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4e51853033c2322c8f90d84b60e86a8673e22ffae076fcc586c15bcfff092686

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
vary
Origin
server
Permutive
getuidj
ib.adnxs.com/ 		11 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj?gdpr=0
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
180.149.228.70; 180.149.228.70; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.theguardian.com
an-x-request-uuid
cc5a8540-f033-44c2-bb5c-331e1d060924
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.25.5
953.client.web.2fe85bfcc924e8babe37.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/953.client.web.2fe85bfcc924e8babe37.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68127ff1b2343f91a9e6505ff230a9e7a1d05c76000a8d10536739a466790916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/953.client.web.2fe85bfcc924e8babe37.js
etag
"d42732ba16a947fbf8efb42e9c8dd82c"
x-amz-version-id
4.yXbngJ.hmDfRSP.Xf7.xSBeA9poPVE
age
490207
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:35 GMT
last-modified
Wed, 06 Aug 2025 10:31:42 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5170
content-type
application/javascript
x-amz-id-2
DhF2H7Up1AFbX1EvOdA2h8cShAD0GJKnA2NUtaI7zZif1MH1kiaHR8Q85SatDQWo+xXl6gj6i48=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.030499,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
WFXAD757CKTX2E7M
accept-ranges
bytes
access-control-allow-origin
*
content-length
2368
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
8828.client.web.07a0abb2f4eec73bf677.js
assets.guim.co.uk/assets/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/8828.client.web.07a0abb2f4eec73bf677.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d57e26c975d35d288eab3bc583b5f0dbd2f13d118e78336074b014bf1d67a507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
x-gu-debug-url
/PROD/frontend-static/assets/8828.client.web.07a0abb2f4eec73bf677.js
etag
"486010f71996bfe461def2ee2000861f"
x-amz-version-id
fqrbbymSwYSO06D5mqDlp2mUuQjpZW9X
age
490205
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 12 Aug 2025 02:44:35 GMT
last-modified
Wed, 06 Aug 2025 10:31:40 GMT
x-served-by
cache-syd10126-SYD
x-cache-hits
5166
content-type
application/javascript
x-amz-id-2
Dkc3rVV+8wAljHnGA38mHTigtkLjmgWv1b7xVHn1j5Cgz7rvJnby1PGvqKxOwwXcSrD7gSVAOH38k/Az6nvcXAKoRGNlxVIkPucmWaEZ6Y0=
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
x-timer
S1754966675.030676,VS0,VE0
access-control-allow-credentials
true
via
1.1 varnish
x-amz-request-id
S5DH2T57YX32SV1S
accept-ranges
bytes
access-control-allow-origin
*
content-length
4049
fastly-restarts
1
server
AmazonS3
x-amz-server-side-encryption
AES256
state
api.permutive.com/ctx/v1/ 		107 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/ctx/v1/state?url=https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
86c226757ed1cbd97828a58edbf98be51ac5178841063e1b01eb22136d3a7ab3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

via
1.1 google
cache-control
no-cache
access-control-allow-origin
*
content-length
107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2024-12-10_EVERGREEN_HEADER_AU_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2024-12-10_EVERGREEN_HEADER_AU_CONTROL%22%7D%2C%22action%22%3A%22INSERT%22%2C%22abTest%22%3A%7B%22name%22%3A%222024-12-10_EVERGREEN_HEADER_AU%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
index.html
assets.guim.co.uk/commercial/tpc-test/v2/ Frame D7AF 		269 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/commercial/tpc-test/v2/index.html
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfd64bea39f52c9b4b3287a616cab6ffcd60ad55fb18d52ea8d3fd54470af7a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
age
2449372
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
public, max-age=315360000, immutable
content-encoding
br
content-length
157
content-type
text/html
date
Tue, 12 Aug 2025 02:44:35 GMT
etag
"052b3f57b75db42414399a066fd428b6"
fastly-restarts
1
last-modified
Thu, 27 Feb 2025 14:12:38 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
vEo9zSwcf3/F2sf68waAmGPYMx4Y04m8JPpDCYPBQyL6dcUvg82Zb0ZWYU5QshrfeE+QxAqFgrQ=
x-amz-request-id
05WV7C5SDFYF8FN0
x-amz-server-side-encryption
AES256
x-amz-version-id
o.E78XbA8oJ4dPDdJ1Zqdz0_1768C0SD
x-cache
HIT
x-cache-hits
223
x-gu-debug-url
/PROD/frontend-static/commercial/tpc-test/v2/index.html
x-served-by
cache-syd10174-SYD
x-timer
S1754966675.126360,VS0,VE0
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:36 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
pub
pixel.adsafeprotected.com/services/ 		785 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline1,ss:%5B1.1,2.2,300.250,300.274,620.350,550.310,300.197%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
4a465e132d9043e24dc1607fd3a24e518eeb75f99ac8e5b6d89db0ab0d928159

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/ 		786 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--top-above-nav,ss:%5B1.1,2.2,728.90,940.230,900.250,970.250,88.71,300.197,300.250%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
c271a306b433a4a8ee2e1daf0952f9d18ba0a0590776400fb8c62d66344e05f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/ 		783 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--right,ss:%5B1.1,2.2,300.250,300.274,300.600%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
7f13f6e805a32ae0649493635b94d7746441046554fde1ac597aa1401cc65365

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/ 		796 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising-high,ss:%5B1.1,2.2,88.87,970.250,300.250%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
f6c1134235e1d68a12aafaf30f167b407485936fe7aa39542b7a180845865348

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/ 		785 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--mostpop,ss:%5B1.1,2.2,300.250,300.274,300.600,300.197%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
950a58ac9856cfa28ab966d537647ca9b2e6f57b1a6dbc374fe81ad134efa890

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/ 		791 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising,ss:%5B1.1,2.2,88.88,970.250,300.250%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
f01a0f0b1712a5bdcdc11f64cfda04a916a97ccb90a377a1148a829644c4bf94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame EE10 		101 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
sffe /
Resource Hash
7feb8c059403c0e1f327f3155c8179eeb04cbb50650633c201e8bf7b86cf7d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
761
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28946
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:31:54 GMT
expires
Tue, 12 Aug 2025 03:21:54 GMT
last-modified
Mon, 11 Aug 2025 19:43:01 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
323358f43fff0e7172cf18e0990121158d12bf9dc037b4a103c3d793250d0818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
expires
Wed, 13 Aug 2025 02:44:36 GMT
access-control-allow-origin
*
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
text/javascript
vary
x-geo-country
server
nginx
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		396 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?r=1754966675173&v=eyJpZCI6NTgwNCwiZmwiOnRydWUsImRvbSI6Ind3dy50aGVndWFyZGlhbi5jb20iLCJsc28iOm51bGwsInVybCI6Imh0dHBzOi8vd3d3LnRoZWd1YXJkaWFuLmNvbS9hdXN0cmFsaWEtbmV3cy8yMDI1L2F1Zy8wMy9vbmxpbmUtc2hvcHBlcnMtd2VpZ2h0LWxvc3Mtc2NhbS1naG9zdC1zdG9yZXMtaW1wZXJzb25hdGUtcmVhbC1wZW9wbGUtc2VsbC1vemVtcGljLWxpa2UtdHJlYXRtZW50cy1udHduZmIiLCJydXJsIjoiIiwiZWNpZCI6ImYxODVhYTdiLWU0MWItNDMyMC1iYjU4LWI2M2JlMjhjMjcxYiIsImRjIjoiMjY2YWRkZDMtMjFhNC00NDBkLTgzNmYtODJmM2YyNTU0Nzg3IiwidmVyIjozNDUsImRmcGgiOiIiLCJ0ek9mZnNldCI6LTQ4MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
bc0f68b825d25069a2c12677b23004dceee453d65e735019d1a2623495752d27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
content-encoding
br
via
1.1 cab8093de9e922f6aac9f66e51afc0cc.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
VVVFHXgEpxloSZBWob9O-kXV9_zLQ6sgDWM3uwpw67NjN4IHVje08A==
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
SYD1-C1
bid
aax.amazon-adsystem.com/e/dtb/ 		700 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&pid=iK8umBrbwoqUn&cb=0&ws=1600x1200&v=25.806.025&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--top-above-nav%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Faustralia-news%2Farticle%2Fng%22%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F59666047%2Ftheguardian.com%2Faustralia-news%2Farticle%2Fng%23dfp-ad--top-above-nav%22%7D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%5D&sm=1a4141c2-d55f-4475-a038-e66ae154d0af&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e829017b-4052-4074-b3f7-21a393b7e2a9%22%7D%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.27.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-27-219.syd3.r.cloudfront.net
Software
Server /
Resource Hash
ca9afa2a85e423d746355c51226fd5a20217f8a2155213f601292fccfa545286

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.theguardian.com
x-cache
Miss from cloudfront
content-length
462
x-amz-cf-id
yfIarasN-scVqI6ge8W9JezNMIlQ6ePgwTMNRQInQbNMLTpfwgwdrA==
date
Tue, 12 Aug 2025 02:44:34 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
SYD3-P2
server
Server
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:36 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
pub
pixel.adsafeprotected.com/services/ 		785 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline2,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
c576b7a3636e90eb30e86553d8443fb439db7984e049901ed97ad29af8468db5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: secure-dcr.imrworldwide.com
URL: https://secure-dcr.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-77.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
x-amz-version-id
a0SQ93RXz9Q4xEag3.DjgVQk_0ifFaeH
etag
W/"931051f801612c3a0e2782961ac3d56c"
age
824
via
1.1 1756a318e802526c12a1158627f4728e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3bo_K1WIbyEvJDkBLDs1-a_cAm42ND0075M17DRRlISVf4jlkTHB1g==
date
Tue, 12 Aug 2025 02:30:52 GMT
content-type
application/javascript
last-modified
Tue, 08 Jul 2025 14:05:36 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
pub
pixel.adsafeprotected.com/services/ 		785 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline3,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/australia-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0b267c83-c380-4874-8128-17edc00b3e6d&url=https%253A%252F%252Fwww.theguardian.com%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
93de79e9c569af6d9e91228aba96b99fbaa022327191c721061a2fc355823920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
access-control-allow-credentials
true
/
www.google.com/pagead/1p-user-list/971225648/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971225648/?random=1754966674992&cv=9&fst=1754964000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tiba=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSfADZpuyz5WT0mjY7fQ9Xirl170BN5QskXEhUcJKP3aIzqlhk4rkne62ADOj_y71bNKlKeE7gkv2CecffVaM1Yfzm8XQLEBFRUxdg1E5YLfkGzfhP1fzaLCoHges-Lwxw5KltAmd7gFfpKhtE0LSSufD-MTXdztFm0HuSso4&random=2715428366&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.au/pagead/1p-user-list/971225648/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/971225648/?random=1754966674992&cv=9&fst=1754964000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tiba=Online%20shoppers%20warned%20of%20%E2%80%98dangerous%E2%80%99%20weight-loss%20scam%20as%20%E2%80%98ghost%20stores%E2%80%99%20impersonate%20real%20people%20to%20sell%20Ozempic-like%20treatments%20%7C%20Scams%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSfADZpuyz5WT0mjY7fQ9Xirl170BN5QskXEhUcJKP3aIzqlhk4rkne62ADOj_y71bNKlKeE7gkv2CecffVaM1Yfzm8XQLEBFRUxdg1E5YLfkGzfhP1fzaLCoHges-Lwxw5KltAmd7gFfpKhtE0LSSufD-MTXdztFm0HuSso4&random=2715428366&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.70.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s02-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202508070101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202508070101/gpt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
405e6b13945fe51e9324e75a66a200f140d5454679eb781bda3af9bc55ddb92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5991720260218776714
age
43992
x-content-type-options
nosniff
expires
Mon, 18 Aug 2025 14:31:23 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 11 Aug 2025 14:31:23 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23907
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202508070101"
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:10249&sessionId:0b267c83-c380-4874-8128-17edc00b3e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:35 GMT
pragma
no-cache
content-type
image/gif
P505182AA-1D71-49D8-8287-AA222CD05424.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P505182AA-1D71-49D8-8287-AA222CD05424.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-77.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5987a92872ccfe04fee6e7c537ac0fd23278c7650c13f020f2ee7bbd8fef85ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

vary
accept-encoding
cache-control
max-age=86400,s-maxage=86400
content-encoding
gzip
x-amz-version-id
tpZgb_o7wqhJ4QgprgdT_0r0g5l2Mypv
etag
W/"0955e49e6f9d8a460d840b2264add196"
age
3333
via
1.1 1756a318e802526c12a1158627f4728e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Y5e6FjH7648lZZvyYu6ynDUN4wVsJgkBgZNAUp5RhJZGXjNjblt9IQ==
date
Tue, 12 Aug 2025 01:49:03 GMT
content-type
application/javascript
last-modified
Tue, 12 Aug 2025 01:16:54 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		246 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P505182AA-1D71-49D8-8287-AA222CD05424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-77.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80e0868c8df6e2b1f6f756117110368fb00f163fadccb6073109af049f132645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
x-amz-version-id
fi98WUC2WP2NuitnsiO.DMinLqDUnaUq
etag
W/"85e7705c0527418226b2f8eb4b467311"
age
825
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
aknS3Wh4uP4kgcj8sh2TtnQ6AEyXHWDr2JW7OLDBshR0g6j-wr4S5g==
date
Tue, 12 Aug 2025 02:30:51 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Tue, 08 Jul 2025 14:05:36 GMT
cache-control
max-age=86400
via
1.1 1756a318e802526c12a1158627f4728e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
storageframe.html
secure-gl.imrworldwide.com/ Frame C910 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-gl.imrworldwide.com/storageframe.html
Requested by
Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.175.115.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-175-115-80.syd3.r.cloudfront.net
Software
nginx /
Resource Hash
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:44:35 GMT
etag
W/"67a0e409-2b27"
last-modified
Mon, 03 Feb 2025 15:43:05 GMT
server
nginx
vary
accept-encoding
via
1.1 b089b00224a18e318b083bd54ec53538.cloudfront.net (CloudFront)
x-amz-cf-id
GlakKDu0Vmg1rQ2i88zAAclRvPYyEeESMkAbFOBZJTzCgNMyl2HIdA==
x-amz-cf-pop
SYD3-P3
x-cache
Miss from cloudfront
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame F8BD 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-13.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age
1840
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 12 Aug 2025 02:13:56 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Tue, 08 Jul 2025 14:05:36 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 9478009849c2f6b9551c4c5c23842910.cloudfront.net (CloudFront)
x-amz-cf-id
0ci1dSXQccH02T0_rSbstydX-iR9VfEIXWxSbnjx9MlIbQCMhrCZsA==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
0Q6wmalO4lE8HrRTl.nf8_3x7cCGk9xA
x-cache
Hit from cloudfront
segment
api.permutive.com/ctx/v1/ 		147 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/ctx/v1/segment?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b33822d0eb19a8e724a950d0112032a6f81090ebcc5ddd3eb58244fa1ffd2807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
application/json
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2024-12-10_EVERGREEN_HEADER_AU_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2024-12-10_EVERGREEN_HEADER_AU_CONTROL%22%7D%2C%22action%22%3A%22VIEW%22%2C%22abTest%22%3A%7B%22name%22%3A%222024-12-10_EVERGREEN_HEADER_AU%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame F8BD 		44 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P505182AA-1D71-49D8-8287-AA222CD05424&sessionId=5rtywxprhxhrhqdhccp8lierawsel1754966675&c16=sdkv,bj.6.0.0&uoo=&fp_id=ktxbeemol1uboaccbfp3riedjmmj01754966675&fp_cr_tm=1754966675344&fp_acc_tm=1754966675344&fp_emm_tm=1754966675344&ve_id=&c30=bldv,6.0.0.734&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.219.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-219-11.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://cdn-gl.imrworldwide.com/

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
44
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
image/gif
server
nginx
/
5rtywxprhxhrhqdhccp8lierawsel1754966675.nuid.imrworldwide.com/ Frame F8BD 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5rtywxprhxhrhqdhccp8lierawsel1754966675.nuid.imrworldwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-31.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://cdn-gl.imrworldwide.com/

Response headers

etag
"c2196de8ba412c60c22ab491af7b1409"
age
59446
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
KcU1tP5IfvGQ2lrliGaLcEJcMZJSxZPi2sb0nNxV89VgB2Qvv5N8uQ==
date
Mon, 11 Aug 2025 10:13:50 GMT
content-type
image/gif
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
bounce
id5-sync.com/ 		29 B
527 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.theguardian.com
p3p
CP="CAO PSA OUR"
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
text/plain;charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.92.143 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
24412e6fdd199771a88dd7b88781f5813ae0fef48a34b8ff6f2916196617bf08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-origin
https://www.theguardian.com
content-length
54
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.129.85.132 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3249663.ip-57-129-85.eu
Software
/
Resource Hash
9692bd560e78d8ce3d998815d6da726cb5a7d4ecd78adc72b501ae176a53b836
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.theguardian.com
content-encoding
gzip
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D1643%26segid%3D137631
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D1643%26segid%3D137631&rdf=1
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=1643&segid=137631
0
0
DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527
pubads.g.doubleclick.net/activity;dc_iu=/59666047/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/59666047/DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 12 Aug 2025 02:44:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bid
aax.amazon-adsystem.com/e/dtb/ 		807 B
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&pid=iK8umBrbwoqUn&cb=1&ws=1600x1200&v=25.806.025&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--right%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Faustralia-news%2Farticle%2Fng%22%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F59666047%2Ftheguardian.com%2Faustralia-news%2Farticle%2Fng%23dfp-ad--right%22%7D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%5D&sm=1a4141c2-d55f-4475-a038-e66ae154d0af&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e829017b-4052-4074-b3f7-21a393b7e2a9%22%7D%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.27.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-27-219.syd3.r.cloudfront.net
Software
Server /
Resource Hash
27f6231f60daca33dd549e587a5a2283e3ccddb91b7a389acba795cfbc0270c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.theguardian.com
x-cache
Miss from cloudfront
content-length
475
x-amz-cf-id
zyTt6bHFhiRHFWyNJHHZ52bnLhODRxAMPRz9IgB1C8NB79NhCc-RgQ==
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
SYD3-P2
server
Server
iu3
s.amazon-adsystem.com/ Frame 869A
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
340 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
77f945f54501bce015d5a90f8d901162c8a7c636e6f14d0a0778fe1931f1b2aa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
340
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Aug 2025 02:44:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K2HYD6KRJK5FKGXFPCZE

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ASFKJMJAYDGMAYZB4MJX
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
0c423bce5f36c92a0050f9792093e68b0d0749a8da26f56f1584ddf8c425c794
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
180.149.228.70; 180.149.228.70; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.theguardian.com
an-x-request-uuid
bbf127fa-a2c6-4de3-9a67-1b874240e56b
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:36 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.25.5
theguardian
direct.adsrvr.org/bid/bidder/ 		0
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/theguardian
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://www.theguardian.com
content-length
0
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
prebidjs
rtb.openx.net/openrtbb/ 		53 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d4f967772bb8a078808cfae456f771ca3884e1ad87ddcd1350876c5e60ee674c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
x-forwarded-for
180.149.228.70
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 12 Aug 2025 02:44:35 GMT
content-type
text/plain
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.27.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.0.107.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.theguardian.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208280
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81065ebcd6ea56efdf6de99325af95a59ffb977a68fef929584d98198180d2b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQ6MrBD2mvts%2BL2T%2BHLv3L64hj%2BsSPOJBuAjmnvukILX7XImkmEBF4M8FMiR08c%2BTpJzKdZfNj0po2CnThKp%2BQPO470f0vNIiwD5OUmBbxGYNO6pkQMWCtZBXQNN4O4iPWVaP6ix"}],"group":"cf-nel","max_age":604800}
cf-ray
96dca1bb7bc4a34c-SYD
expires
0
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=86400
content-length
37
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/ 		649 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=26644&site_id=554256&zone_id=3471458&size_id=2&alt_size_ids=57&us_privacy=1YNN&eid_pubcid.org=e829017b-4052-4074-b3f7-21a393b7e2a9%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&kw=Scams%2CHealth%2CAustralia%20news%2CBusiness%2CInternet%2CAustralian%20Competition%20and%20Consumer%20Commission%20(ACCC)&tg_i.domain=theguardian.com&tg_i.page=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tg_i.keywords=Scams%2CHealth%2CAustralia%20news%2CBusiness%2CInternet%2CAustralian%20Competition%20and%20Consumer%20Commission%20(ACCC)&tg_i.pbadslot=%2F59666047%2Fgu%2Faustralia-news%2FArticle%2Ftop-above-nav&tk_flint=pbjs_lite_v9.27.0&l_pb_bid_id=1409758b99692cd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F59666047%2Fgu%2Faustralia-news%2FArticle%2Ftop-above-nav&m_ch_mobile=%3F0&slots=1&rand=0.93366200700663
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
53d8189e4741ca23585d523820361cd6974262ebe80d3407596f2aec301c52b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.theguardian.com
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.27.0&cb=91665753929&lsavail=1&networkId=337
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.theguardian.com
date
Tue, 12 Aug 2025 02:44:36 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
0
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.129.85.132 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3249663.ip-57-129-85.eu
Software
/
Resource Hash
b9f1fb442393c24050178c1e4dba6379ac1e89ce480550c9877271d18b8575d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.theguardian.com
content-encoding
gzip
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b4804d7b348cd959078c4ace53b9d8a567726b729b2b57cecfc9246f7c940acb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json
vary
Origin
server
Permutive
syncframe
gum.criteo.com/ Frame 82F4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theguardian.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0b96855e780057f73465081f56971f30c152233048e4af1bc2b1437b07d8b597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:44:36 GMT
server
Kestrel
server-processing-duration-in-ticks
219853
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
2
ophan.theguardian.com/img/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ophan.theguardian.com/img/2?viewId=me7xug30oi67f959097o&abTestRegister=%7B%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.client.web.5805dd79c70fc1de5fea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.135.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-135-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
cache-control
no-cache, no-store
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
/
d0.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.86 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip86.ip-135-125-146.eu
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.82 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip82.ip-135-125-146.eu
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.255 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip255.ip-51-195-34.eu
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.255 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip255.ip-51-195-34.eu
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip80.ip-135-125-146.eu
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip100.ip-51-195-127.eu
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d0.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.220 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip220.ip-51-195-34.eu
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip113.ip-51-195-73.eu
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip74.ip-51-195-73.eu
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip80.ip-135-125-146.eu
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.71 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip71.ip-51-195-73.eu
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip100.ip-51-195-127.eu
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip30.ip-51-195-126.eu
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
pr
s.amazon-adsystem.com/v3/ Frame 74AD 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
ee1eb95ce75675e033c7c2c56170803c40ab16eaf32331e0038e212aa1756d5b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2699
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Aug 2025 02:44:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NW8P0BXMETTPM1FJVHAP
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
aa2e2cb4eddba2189ae4aced3455f7e372ad18b13bbbfe93bb84083be8ba8f38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
application/json
vary
Origin
server
Permutive
ecm3
s.amazon-adsystem.com/ Frame 74AD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
9WEVZHMN5N451RWQKD57
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
content-length
0
Content-Type
text/html
ecm3
s.amazon-adsystem.com/ Frame 74AD
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3979682772440603000V10
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3979682772440603000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
AP9SM9T2YEHWZC74XG13
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3979682772440603000V10
Content-Encoding
gzip
Pragma
no-cache
Connection
close
Expires
Tue, 12 Aug 2025 02:44:37 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Date
Tue, 12 Aug 2025 02:44:37 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
amzns2s
rtb.gumgum.com/usync/ Frame B4A3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.133.6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-133-6.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77d03c890ba7e0af5c92f14941b7248887f296e6c180a4a563671e30e246ac83

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 12 Aug 2025 02:44:37 GMT
etag
W/"07d2935c7de1de8072a4ce083d92497a5"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 1B6A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3cc57725ea862b57c3ac9c0c67bb2695be342d925f67472ee257f64fe9512f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
96dca1c46cd4a7ea-SYD
content-encoding
br
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MJ6sHQp%2FZntEMITE6z5ejj1%2FSBK%2FbAwd%2BQB5UPT%2F%2BTrqIivxwzqQUB5KX7ccOwK4kWr6SiuKP8RUcZIGzS8pA7LQd2vLHxvdXRef9Gn1iV%2FQQ50KzLaWSxqNqmNbjpbNGM8h8BTtlxCiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
96dca1c3ac47a7ea-SYD
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyo8IFZVSv5Sv3IfEieBQVNImaffoOVldLRpZFEqB8RqC5QHbPteKLCds3HkKb0SRqDWsT7c0c2h3tS%2BF7RhsasOEZH3LOimz7arpYytZDMVDj7oJoTzkjqBS95pwGuDaffXJ6SPZiQu1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 69F9 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.225.41 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=143564
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Wed, 13 Aug 2025 18:37:21 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
amazon
s.seedtag.com/cs/cookiesync/ Frame 0CCA 		800 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.56.62 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0603a5eadea6b4e24dd9aa36e2dfe8dd311b486247706a57cf73ec9c659d563b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
96dca1c3ad43a34c-SYD
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Aug 2025 02:44:37 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
accept-encoding
via
1.1 google
user-sync.html
ms-cookie-sync.presage.io/ Frame 7E52 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5df33022ff08c935dc32e365835d570b715499098657dbdbe92c373d276e1e04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 7176
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
703 B
929 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
f050e778b0de1b6455efc8f1bb9db15cd97c638a4e9181a9076abf81cea97e99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
703
content-type
text/html
date
Tue, 12 Aug 2025 02:44:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
180.149.228.70

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 12 Aug 2025 02:44:36 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
180.149.228.70
ecm3
s.amazon-adsystem.com/ Frame 5365
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2652666511089198083&gdpr=0&gdpr_consent=
43 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2652666511089198083&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5A44ZA4RQDDDS9KCMMC5

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 12 Aug 2025 02:44:36 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2652666511089198083&gdpr=0&gdpr_consent=
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame 9B0B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2024682871925848210&ex=appnexus.com
43 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2024682871925848210&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CFPEV19WBDZNF9B1KGDK

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7483675b-0f70-4597-b65e-e55ad0c216ec
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=2024682871925848210&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.25.5
x-proxy-origin
180.149.228.70; 180.149.228.70; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame AC17
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3873605382230314334603
43 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3873605382230314334603
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
K0J2M0YK2R8HHPTGR1H9

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3873605382230314334603
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10249&sessionId:0b267c83-c380-4874-8128-17edc00b3e6d&err:responsetime%3A78%26probability%3A10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:37 GMT
pragma
no-cache
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 69F9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51776037&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bc4a19bf4fdc204e67156c2350a9ad12fb9a7ca20475b8f227a57dcb7cdc705f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-length
1741
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 0CCA 		43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=seedtag.com&id=01989c2a-567c-77ee-9784-5a1ff84fee43
Requested by
Host: s.seedtag.com
URL: https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://s.seedtag.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
1WBRX0RYM8GPQVNB84WT
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:37 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 0CCA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=ME7XUHV7-12-IF18
0
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=ME7XUHV7-12-IF18
Requested by
Host: s.seedtag.com
URL: https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Protocol
H3
Server
104.16.56.62 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://s.seedtag.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
via
1.1 google
cf-ray
96dca1c5f9e3a34c-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
server
cloudflare
priority
u=2,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=ME7XUHV7-12-IF18
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d264e84c9dc1a645a3048554992c5d82
content-length
0
Content-Type
text/html
appnexus
s.seedtag.com/cs/cookiesync/ Frame 0CCA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=$UID&consent=1
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2024682871925848210&consent=1
0
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2024682871925848210&consent=1
Requested by
Host: s.seedtag.com
URL: https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Protocol
H3
Server
104.16.56.62 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://s.seedtag.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
via
1.1 google
cf-ray
96dca1c93ff0a34c-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
server
cloudflare
priority
u=2,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control
no-store, no-cache, private
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2024682871925848210&consent=1
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
180.149.228.70; 180.149.228.70; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f0fc0998-30fe-499d-b07f-fd11ffcf7763
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
getuid
sync.smartadserver.com/ Frame 0CCA
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Requested by
Host: s.seedtag.com
URL: https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Protocol
H2
Server
23.106.50.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://s.seedtag.com/

Response headers

cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:37 GMT
pragma
no-cache

Redirect headers

cache-control
no-cache,no-store
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:36 GMT
pragma
no-cache
outbrain
s.seedtag.com/cs/cookiesync/ Frame 0CCA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=01989c2a-567c-77ee-9784-5a1ff84fee43&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fch...
  • https://b1sync.outbrain.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&puid=01989c2a-567c-77ee-9784-5a1f...
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&obuid=7d8a73b2-fb18-4a02-bc00-f49e...
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=__ZUID__&gdpr=0
0
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=__ZUID__&gdpr=0
Requested by
Host: s.seedtag.com
URL: https://s.seedtag.com/cs/cookiesync/amazon?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dseedtag.com%26id%3D%24USER_ID
Protocol
H3
Server
104.16.56.62 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://s.seedtag.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
via
1.1 google
cf-ray
96dca1cfdd8ca34c-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Tue, 12 Aug 2025 02:44:39 GMT
server
cloudflare
priority
u=2,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=__ZUID__&gdpr=0
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="We do not support P3P header."
content-length
98
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
text/html; charset=utf-8
json
gum.criteo.com/sid/ Frame 82F4 		446 B
925 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&topicsavail=0&fledgeavail=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theguardian.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4f7cb4338161036eecac207e6ff0be5e95881d316723b7ae9b4f93600796e586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theguardian.com

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
server-processing-duration-in-ticks
1117834
expires
0
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
sodar
ep1.adtrafficquality.google/getconfig/ 		18 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202508070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
920de13b9696be8aad5ad17db9a2dfb643b39ba3a84c606e9cf02d2a240e3517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13572
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=8150879539083960&correlator=2786344289421181&eid=31093713%2C31093979%2C83321072%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202508070101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Caustralia-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C728x90%7C940x230%7C900x250%7C970x250%7C88x71&fluid=height&ifi=1&didk=1168867225&dids=dfp-ad--top-above-nav&adfs=2640969809&sfv=1-0-45&fsbs=1&sc=1&cookie_enabled=1&abxe=1&dt=1754966677234&lmt=1754966677&adxs=799&adys=21&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&vis=1&psz=1600x20&msz=2x0&fws=516&ohw=1600&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGU4MjkwMTdiLTQwNTItNDA3NC1iM2Y3LTIxYTM5M2I3ZTJhOVgBEh0KDmVzcC5jcml0ZW8uY29tGM-dqeGJM0gAUgIIZA..&cbidsp=CrkDCAESEQoDdHRkEMIJIAI4AVIDdHRkEhgKA294ZBDoASACOAFSBW9wZW54UgNveGQSHwoKdHJpcGxlbGlmdBCKBCACOAFSCnRyaXBsZWxpZnQSDwoCaXgQlAUgAjgBUgJpeBIPCgJpeBCUBSACOAFSAml4EhkKB3J1Ymljb24QjwUgAjgBUgdydWJpY29uEhcKBmNyaXRlbxCLCCACOAFSBmNyaXRlbxIbCghwdWJtYXRpYxDcCyADOAFSCHB1Ym1hdGljErcBCgNhbmQQjwQalwEKEDE5MTk4ZjA0N2ZkZjVhMzgQ7-8BGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCINaGJfYmlkZGVyX2FuZCILaGJfYWRpZF9hbmQiCWhiX3BiX2FuZCILaGJfc2l6ZV9hbmQiDWhiX2Zvcm1hdF9hbmQoAToGCMoHEPoBIAEwADgBUghhcHBuZXh1c1IDYW5kGAIiJDdlOGQxYmE2LWM3YWYtNDg2MC04NjExLTU0MDZiOGM5MzIzZioECAMgADIHdjkuMjcuMEDcC0oA&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1754966673878&idt=1195&prev_scp=slot-fabric%3Dfabric1%26slot%3Dtop-above-nav%26testgroup%3D74%26amznbid%3D1i9kpog%26amznp%3D3f54ao%26id%3D48282be1-7726-11f0-8f66-8ae1a1b3060b%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26teadsEligible%3Dfalse%26amzniid%3DJO_-tvRtlkf3T1SbyIgAyDkAAAGYnCpQjQUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAeyXa7%26amznsz%3D970x250%26amznactt%3DOPEN%26hb_format_and%3Dbanner%26hb_size_and%3D970x250%26hb_pb_and%3D0.03%26hb_adid_and%3D19198f047fdf5a38%26hb_bidder_and%3Dand%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.03%26hb_adid%3D19198f047fdf5a38%26hb_bidder%3Dand&cust_params=permutive%3D137631%252C151037%252C155919%252C184196%252C23527%252Cadv%252Crts%252Crts%252Crts%252Crts%252Crts%26amtgrp%3D11%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Dna%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dau%26tn%3Dnews%26p%3Dng%26k%3Dhealth%252Cscams%252Caustralia-news%252Cbusiness-australia%252Caustralian-competition-and-consumer-commission%252Cinternet%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fx2z2fb%26co%3Dcatie-mcleod%26url%3D%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb%26dcre%3Dt%26rc%3D4%26rp%3Ddotcom-rendering%26s%3Daustralia-news%26sens%3Df%26urlkw%3Donline%252Cshoppers%252Cweight%252Closs%252Cscam%252Cghost%252Cstores%252Cimpersonate%252Creal%252Cpeople%252Csell%252Cozempic%252Clike%252Ctreatments%252Cntwnfb%26allkw%3Donline%252Cshoppers%252Cweight%252Closs%252Cscam%252Cghost%252Cstores%252Cimpersonate%252Creal%252Cpeople%252Csell%252Cozempic%252Clike%252Ctreatments%252Cntwnfb%252Chealth%252Cscams%252Caustralia-news%252Cbusiness-australia%252Caustralian-competition-and-consumer-commission%252Cinternet%26cc%3DAU%26lh%3D10%26pv%3Dme7xug30oi67f959097o%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D4a2a3d2d-559a-46a5-b552-ec792b7fbad8%26prmtvvid%3Db710a18c-5e3b-4af5-8e66-0fd63410399e%26prmtvsid%3Ddb3dd0c6-6745-42ac-bea3-e6b58fd8a96e%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3Dlow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fra%3Dfalse%26ias-kw%3DIAS_3030_KW%252CIAS_15682_KW%252CIAS_1525966_PG%252CIAS_1508982_PG%252CIAS_1516307_PG%252CIAS_1500095_PG%252CIAS_1500693_PG%252CIAS_1500175_PG%252CIAS_1507654_PG%252CIAS_1508974_PG%252CIAS_1506123_PG%252CIAS_1507659_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_1508967_PG%252CIAS_1512447_PG%252CIAS_11461_702_KW%252CIAS_SET%252CIAS_16425_KW%252CIAS_1525969_PG%252CIAS_18895_1753_KW%252CIAS_3696_450_KW%252CIAS_1509978_PG%252CIAS_1509993_PG%252CIAS_1509999_PG%263pc%3Dt%26prmtvctx%3Drts%252Crts%252Crts%252Crts&adks=3288983813&frm=20&eoidce=1&gblpids=%2F59666047%2Fgu%2Faustralia-news%2FArticle%2Ftop-above-nav&pb_szs=970x250%7C728x90&td=1&egid=28898&tan=8094dcfe-e925-49f2-86e3-e2458aacc44f&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
22259e8e2ef8ac4cfe2c9f21656c3439ba2b3dfc318cb13a604be38fec4a7018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
dcb
google-lineitem-id
5317866223
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138304903415
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.theguardian.com
content-length
5003
x-xss-protection
0
server
cafe
container.html
c88f4970dc9a2ab19d8dca443dcb3d76.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 2AA8 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c88f4970dc9a2ab19d8dca443dcb3d76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Tue, 12 Aug 2025 02:44:37 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
182.json
id5-sync.com/g/v2/ 		893 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/182.json
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
975ef8abbe11d9a953cfa05b4b06a413e4eb6145a8e73f967333337e435eb345
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.theguardian.com
p3p
CP="CAO PSA OUR"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame 7176 		43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=5ab0266f-be23-c8a4-1b42-0a1d5befe550
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
KK8GP4G2B5M8M0VYXJ0E
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:37 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
sd
us-u.openx.net/w/1.0/ Frame 7176
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMhsLxkeZqvTkBCjUCYh8mI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMhsLxkeZqvTkBCjUCYh8mI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
180.149.228.70
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
image/gif
vary
Accept

Redirect headers

cache-control
no-cache, must-revalidate
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMhsLxkeZqvTkBCjUCYh8mI&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
295
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/ Frame 7176 		170 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmUwOTg5ZDgtNmJmZS0yZGZhLWNlYWMtZDIzM2Y5M2VlMGQw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
sd
jp-u.openx.net/w/1.0/ Frame 7176
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeOeSquCbKFks8AKGbGv3gm9c8AAAGYnCpX6w
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeOeSquCbKFks8AKGbGv3gm9c8AAAGYnCpX6w
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
180.149.228.70
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
image/gif
vary
Accept

Redirect headers

cache-control
no-cache
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUeOeSquCbKFks8AKGbGv3gm9c8AAAGYnCpX6w
pragma
no-cache
via
1.1 2886e4c3f0ae51eca00bc6ca8a0f5226.cloudfront.net (CloudFront)
expires
-1
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
NJvoJI8yCSdXXg1VIYvnSBJDQdtz25xNlvRaR9HTAhHuySWPyCp_WA==
date
Tue, 12 Aug 2025 02:44:37 GMT
x-amz-cf-pop
SYD3-P2
sd
us-u.openx.net/w/1.0/ Frame 7176
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2969feb4-c901-4188-9be5-ae61541f3b7e&ttd_puid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0&gdpr_consent=
43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2969feb4-c901-4188-9be5-ae61541f3b7e&ttd_puid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
180.149.228.70
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
image/gif
vary
Accept

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2969feb4-c901-4188-9be5-ae61541f3b7e&ttd_puid=02665a12-a289-735e-db4c-888a33dc2eb0&gdpr=0&gdpr_consent=
content-length
335
date
Tue, 12 Aug 2025 02:44:37 GMT
server
Kestrel
sd
us-u.openx.net/w/1.0/ Frame 7176
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2507349102497968926&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2507349102497968926&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
180.149.228.70
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
image/gif
vary
Accept

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2507349102497968926&gdpr=0&gdpr_consent=&us_privacy=
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:37 GMT
Pragma
no-cache
Connection
keep-alive
rum
dsum-sec.casalemedia.com/ Frame 1B6A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=565444fc-936b-4bea-a1c5-16544feb0ae6&expiration=1757558677&gdpr=0&gdpr_consent=
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=565444fc-936b-4bea-a1c5-16544feb0ae6&expiration=1757558677&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2QQdzDB%2Bo%2B%2FF0wqd%2BsROxI9f8yKnFJMIVJHdkyQ3wCh4PBtz0xfNWbCRsQ0utAS47NYrR316Bt%2BJxfpbqmUKOGydfQaYCkB%2Fl5DWdggzSKQntH%2BNOwZJwWF4aF8zF7dY%2F4fH5k3zo3lhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
96dca1c5ade5a7ea-SYD
content-length
43
server
cloudflare

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=565444fc-936b-4bea-a1c5-16544feb0ae6&expiration=1757558677&gdpr=0&gdpr_consent=
content-length
323
date
Tue, 12 Aug 2025 02:44:37 GMT
server
Kestrel
dcm
s.amazon-adsystem.com/ Frame 1B6A 		43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
JQWVRAM3JGHBGSYFV584
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
31327
i.liadm.com/s/ Frame 1B6A 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=aJqqlYsFVecADLklAQveKgAA%264911&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.26.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-26-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:38 GMT
trace-id
e11cf1b559ac438e
Request-Time
0
Connection
keep-alive
crum
dsum-sec.casalemedia.com/ Frame 1B6A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aJqqlYsFVecADLklAQveKgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIQJwvjP3_dSZPL9bBzefFE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIQJwvjP3_dSZPL9bBzefFE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfTClCAb0gfq97n%2BuTQ4Pp4uYtK2betyV77DoQDVbWxs7Yxk7tCs5kT%2FtHGGLp5R%2FVVIq%2BdMQB9pFwZpePzjOC89B2ZN6oj8AK6LSsyJuYwOalPdsLunw9X%2Fw25mUVdNTnWI9PoFAYDErg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
96dca1c6fef8a7ea-SYD
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIQJwvjP3_dSZPL9bBzefFE&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
314
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
crum
dsum-sec.casalemedia.com/ Frame 1B6A
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=aW5kZXhleGNoYW5nZQ==&gdpr=&gdpr_consent=&us_privacy=&callback=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D259%26external_user_id%3D...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=259&external_user_id=ym_user_ec497ec5-e18d-4bac-8aa1-37273cd1a351&gdpr=&gdpr_consent=&us_privacy=
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=259&external_user_id=ym_user_ec497ec5-e18d-4bac-8aa1-37273cd1a351&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfLjs%2F8WASG9HQvwE59L0Vd%2FuX2n2eEHgzHdAVXzEPyxkud4cD2YXDLKpfOWKy9P5Ps%2FuuuWUis%2BlEYVV%2FFHspfCnLb33qGYOQluFUaIoT%2FNBA18Vi5lUk%2B6BqpjqvVQohHV4o82V%2BM%2FGg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
96dca1cb0a1ba7ea-SYD
content-length
43
server
cloudflare

Redirect headers

access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=259&external_user_id=ym_user_ec497ec5-e18d-4bac-8aa1-37273cd1a351&gdpr=&gdpr_consent=&us_privacy=
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
user-registering
ads.stickyadstv.com/ Frame 1B6A 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.211 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
x-sticky-vk
1754966677369091-69
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 12 Aug 2025 02:44:37 GMT
Access-Control-Allow-Origin
*
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:37 GMT
Content-Type
image/gif
Server
nginx
/
csync.loopme.me/ Frame 1B6A 		0
0
pixel
cm.g.doubleclick.net/ Frame 1B6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKy0PUrKz...
  • https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESEKy0PUrKzEceE8HRBVu4paU&google_hm=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
170 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESEKy0PUrKzEceE8HRBVu4paU&google_hm=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
142.250.70.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zFUj63x2fCatXhhTC9R5CMwn43SjEvI3te36ISdgx3DsAj1nlHP8QaBkojjOyVPgaRoOwPXsBbi5s96HxGuZ8oCVNJwdWf8hzngCqZIAjdCULbZ9xJaKM9yLgahbpIBwe8dvmGwynvN7A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 12 Aug 2025 02:44:37 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESEKy0PUrKzEceE8HRBVu4paU&google_hm=aJqqlYsFVecADLklAQveKgAAEy8AAAIB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
96dca1c6aeaca7ea-SYD
content-length
0
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 1B6A 		43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=aJqqlYsFVecADLklAQveKgAAEy8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
BNP3X5844XY7Y4VS3T78
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2024682871925848210
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2024682871925848210
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:38 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
no-store, no-cache, private
location
https://usersync.gumgum.com/usersync?b=apn&i=2024682871925848210
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
180.149.228.70; 180.149.228.70; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
12594c71-9006-4114-bcc6-976973cfc2b1
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
cookiesyncredir
bttrack.com/pixel/ Frame B4A3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_698909cb-a7f7-457a-996c-68e3dbaa7937&gdpr=&gdpr_consent=&us_privacy=
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=gumgum2
35 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=gumgum2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
64.38.119.43 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

strict-transport-security
max-age=31536000;
cache-control
private,no-cache
x-servername
track001-sjc
pragma
no-cache
expires
-1
content-length
35
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=gumgum2
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Aug 2025 02:44:38 GMT
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f55bfe62-8a9c-4b08-bc37-9867fb8c2ff6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=f55bfe62-8a9c-4b08-bc37-9867fb8c2ff6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:37 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://usersync.gumgum.com/usersync?b=opx&i=f55bfe62-8a9c-4b08-bc37-9867fb8c2ff6
pragma
no-cache
x-forwarded-for
180.149.228.70
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 12 Aug 2025 02:44:36 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=75w8CirDUpREm6Je1BvjLLSV5EY
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=75w8CirDUpREm6Je1BvjLLSV5EY
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:38 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=75w8CirDUpREm6Je1BvjLLSV5EY
Content-Length
99
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-rcJDa7pE2pd_dCVG4LlsV_WK2fSf99ics6SW~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-rcJDa7pE2pd_dCVG4LlsV_WK2fSf99ics6SW~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:38 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://usersync.gumgum.com/usersync?b=oth&i=y-rcJDa7pE2pd_dCVG4LlsV_WK2fSf99ics6SW~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
server
ATS
x-frame-options
DENY
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=c36a899b-3090-49a0-9ad2-000c1dba0615
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=c36a899b-3090-49a0-9ad2-000c1dba0615
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:38 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

X-CI-RTID
7b327cc7-0dc9-444a-bfb2-98cbdbf7965f
Location
https://usersync.gumgum.com/usersync?b=vnt&i=c36a899b-3090-49a0-9ad2-000c1dba0615
Content-Length
108
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
142
match.deepintent.com/usersync/ Frame B4A3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 12 Aug 2025 02:44:38 GMT
server
a
content-length
0
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_698909cb-a7f7-457a-996c-68e3dbaa7937&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.outbrain.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_698909cb-a7f7-457a-996c-68e3dbaa7937&s=2&us_privacy=
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&obuid=55ba3868-2547-4349-b1ed-ff18c2217759&puid=a_698909cb-a...
  • https://usersync.gumgum.com/usersync?b=zem&i=__ZUID__
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=__ZUID__
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:39 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://usersync.gumgum.com/usersync?b=zem&i=__ZUID__
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="We do not support P3P header."
content-length
80
date
Tue, 12 Aug 2025 02:44:39 GMT
content-type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame B4A3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=wj3SpJ4yFktt&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=wj3SpJ4yFktt&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
13.213.133.6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-133-6.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
expires
0
content-length
35
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://rtb.gumgum.com/usersync?b=pln&i=wj3SpJ4yFktt&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-799d74f574-5d26c
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
server
Jetty(12.0.22)
usersync
usersync.gumgum.com/ Frame B4A3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1216815371593180373
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1216815371593180373
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:37 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
no-cache,no-store
location
https://usersync.gumgum.com/usersync?b=sad&i=1216815371593180373
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:37 GMT
pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame B4A3 		43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_698909cb-a7f7-457a-996c-68e3dbaa7937
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
2AYKE72X56G3K245RZGW
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
usersync
usersync.gumgum.com/ Frame 508E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=7306458255467672195&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=7306458255467672195&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Aug 2025 02:44:39 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=7306458255467672195&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 8225 		170 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82OTg5MDljYi1hN2Y3LTQ1N2EtOTk2Yy02OGUzZGJhYTc5Mzc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
content-type
image/png
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B88 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.225.41 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=143564
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Wed, 13 Aug 2025 18:37:21 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 326C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=565444fc-936b-4bea-a1c5-16544feb0ae6
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=565444fc-936b-4bea-a1c5-16544feb0ae6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:37 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 12 Aug 2025 02:44:37 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=565444fc-936b-4bea-a1c5-16544feb0ae6
server
Kestrel
usersync
usersync.gumgum.com/ Frame F1AF
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=aJqqlsCo8IsAANdyKVUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=aJqqlsCo8IsAANdyKVUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:38 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=aJqqlsCo8IsAANdyKVUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad152.dc4p.scaleout.jp
X-SO-IP
180.149.228.70
X-SO-Key
aJqqlsCo8IsAANdyKVUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"180.149.228.70","key":"aJqqlsCo8IsAANdyKVUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad152"}
X-SO-LB-Hostname
m-ng39.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad152
usersync
usersync.gumgum.com/ Frame 3DE5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=RMp9tPL9zKVDVMZmR0GOvToZJhI8XwBlYjCDHMEtCY0&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RMp9tPL9zKVDVMZmR0GOvToZJhI8XwBlYjCDHMEtCY0&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT Tue, 12 Aug 2025 02:44:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RMp9tPL9zKVDVMZmR0GOvToZJhI8XwBlYjCDHMEtCY0&pi=gumgum&tc=1
pragma
no-cache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8BA7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f1.1e100.net
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 02:44:37 GMT
alt-svc
h3=":443"; ma=2592000
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
usync.js
eus.rubiconproject.com/ Frame 8BA7 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
98e5e47b586419dd4184a0f7eb9b254a2e0ac626203f26656448dc02d1f68b31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum

Response headers

cache-control
max-age=86032
content-encoding
gzip
expires
Wed, 13 Aug 2025 02:38:29 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11461
date
Tue, 12 Aug 2025 02:44:37 GMT
last-modified
Tue, 12 Aug 2025 02:38:29 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 6FE3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:16:32 GMT
expires
Tue, 12 Aug 2025 03:06:32 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9312 		829 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f4.1e100.net
Software
ESF /
Resource Hash
554f9165e1198e629d454e2087af5467b6d7df8b36dcb7f46dec7ba8617e5835
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ANAHtP0HwltKtwi7F8607A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ANAHtP0HwltKtwi7F8607A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Tue, 12 Aug 2025 02:44:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
915051120555b2405abd5cd348a2e0bf824153b44eddbbfc150119179e5f9c8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
180.149.228.70; 180.149.228.70; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.theguardian.com
an-x-request-uuid
17697df3-786e-436b-b3b3-36cde130735a
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.25.5
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.27.0&cb=69173419663&lsavail=1&bundle=fV5PQF9ZTjJyaXhKcHRpTnI0bVRnTGlFTmE0Q0lpa0N6T3o1dHREOTRYNTRrNTBZQWMxJTJGMTlrbkhkQlhUaGZPeEYzR3AxRlRtMEplMWY0V0hZOG0lMkJyNXdXdVVNeUw4eUo2aFlFU1loNzhGWHljYkZUNDdrTDRiampRTXd1eTdxemxvbHdSaU1XNzBWUGMlMkYxQlB5UHBCc0NQVFlqUVI5TnFJVUFTU0lCelRJU1BNN28lM0Q&networkId=337
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.theguardian.com
date
Tue, 12 Aug 2025 02:44:37 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		15 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a1110604380b5e755cacb5e322b3274bfe162a5a22f20b5248a32bb919a6e81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://www.theguardian.com
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
application/json
server
nginx
pbjs
htlb.casalemedia.com/openrtb/ 		29 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208280
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a2af205d7a6d5b2d73a5a51b2e9c8acbca6764729d16b3df87097797ad7c0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyldcjWXqnC8ookRaQGhaBQ658ZfeA3UJtJCGB9nhEmrn279ebq6wLDvRxaj7JVTYDwKJuIpjiqD7jdhQZ8PRHJj%2FeD0noHBR2F4E2KPsxtFMkMYSxwvPAOIUtkhj5mC8xLhEqGa"}],"group":"cf-nel","max_age":604800}
cf-ray
96dca1c7dd50a34c-SYD
expires
0
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.27.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.0.107.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.theguardian.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		53 B
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3aa1f4f07fc274013f38346376f3e86523eb1ded16bb90d772312705bca1cede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
x-forwarded-for
180.149.228.70
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.theguardian.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
text/plain
vary
Origin
theguardian
direct.adsrvr.org/bid/bidder/ 		0
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/theguardian
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://www.theguardian.com
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		42 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=26644&site_id=554256&zone_id=3471452&size_id=15&alt_size_ids=10&us_privacy=1YNN&eid_pubcid.org=e829017b-4052-4074-b3f7-21a393b7e2a9%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&kw=Scams%2CHealth%2CAustralia%20news%2CBusiness%2CInternet%2CAustralian%20Competition%20and%20Consumer%20Commission%20(ACCC)&tg_i.domain=theguardian.com&tg_i.page=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&tg_i.keywords=Scams%2CHealth%2CAustralia%20news%2CBusiness%2CInternet%2CAustralian%20Competition%20and%20Consumer%20Commission%20(ACCC)&tg_i.pbadslot=%2F59666047%2Fgu%2Faustralia-news%2FArticle%2Fright&tk_flint=pbjs_lite_v9.27.0&l_pb_bid_id=377fa8296e1afde&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F59666047%2Fgu%2Faustralia-news%2FArticle%2Fright&m_ch_mobile=%3F0&slots=1&rand=0.5313539834385252
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/943c3b039f77db255f85/graun.916.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
a8cfadf8410729f0d75f5614dae2068a094aa5ed95d59fdec8f2553f6adbe061

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.theguardian.com
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
khaos.json
token.rubiconproject.com/ Frame 8BA7 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
content-length
7
content-type
application/json; charset=UTF-8
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://b1sync.zemanta.com/usersync/ogury/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Foutbrain_id%3D__ZUID__
  • https://b1sync.outbrain.com/usersync/ogury/?cb=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Foutbrain_id%3D__ZUID__&gdpr=0&gdpr_consent=&s=2
  • https://b1sync.zemanta.com/usersync/ogury/?cb=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Foutbrain_id%3D__ZUID__&gdpr=0&gdpr_consent=&obuid=0fedb3e4-0d1a-490c-b8a8-d82642669595&s=2
  • https://ms-cookie-sync.presage.io/user-sync?outbrain_id=__ZUID__&gdpr=0
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?outbrain_id=__ZUID__&gdpr=0
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://ms-cookie-sync.presage.io/user-sync?outbrain_id=__ZUID__&gdpr=0
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="We do not support P3P header."
content-length
98
date
Tue, 12 Aug 2025 02:44:39 GMT
content-type
text/html; charset=utf-8
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_conse...
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_conse...
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=5f4ad219-4cae-4f33-bfb9-1zz1754966582&gdpr=0&gdpr_consent=
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?raudience_id=5f4ad219-4cae-4f33-bfb9-1zz1754966582&gdpr=0&gdpr_consent=
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

location
https://ms-cookie-sync.presage.io/user-sync?raudience_id=5f4ad219-4cae-4f33-bfb9-1zz1754966582&gdpr=0&gdpr_consent=
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Tue, 12 Aug 2025 02:43:03 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=ogury&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=ogury&gdpr=0&gdpr_consent=&tc=1
  • https://ms-cookie-sync.presage.io/user-sync?rtbhouse_id=UaNahTP864Hmd20IPTIb09P8frnDKwoiBXepoDwxLHg&pi=ogury&gdpr=0&gdpr_consent=&tc=1
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?rtbhouse_id=UaNahTP864Hmd20IPTIb09P8frnDKwoiBXepoDwxLHg&pi=ogury&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://ms-cookie-sync.presage.io/user-sync?rtbhouse_id=UaNahTP864Hmd20IPTIb09P8frnDKwoiBXepoDwxLHg&pi=ogury&gdpr=0&gdpr_consent=&tc=1
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT, Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
vary
Accept-Encoding
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=ogury&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=ogury&zcc=1&cb=1754966678086
  • https://ad.turn.com/r/cs?pid=45&id=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004&rndcb=7862010168
  • https://sync.1rx.io/usersync/turn/2507349102497968926?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004?redir=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fnexxen_id%3DRX-ab35d036-78d7-431c-9eb0-e04ea11f6...
  • https://ms-cookie-sync.presage.io/user-sync?nexxen_id=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?nexxen_id=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

location
https://ms-cookie-sync.presage.io/user-sync?nexxen_id=RX-ab35d036-78d7-431c-9eb0-e04ea11f64c5-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Tue, 12 Aug 2025 02:44:38 GMT
etag
RXab35d03678d7431c9eb0e04ea11f64c5004
content-type
text/html
server
Tengine
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=agyie4r&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ms-cookie-sync.presage.io/user-sync?ttd_id=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?ttd_id=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

location
https://ms-cookie-sync.presage.io/user-sync?ttd_id=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=
content-length
247
date
Tue, 12 Aug 2025 02:44:37 GMT
server
Kestrel
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=ogury&gdpr=0&gdpr_consent=&custom_data=init:ogy
  • https://x.bidswitch.net/ul_cb/sync?ssp=ogury&gdpr=0&gdpr_consent=&custom_data=init:ogy
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=ogury&bsw_custom_parameter=70ecc19f-2d87-4435-9481-5fea364312e5
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=70ecc19f-2d87-4435-9481-5fea364312e5&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=565444fc-936b-4bea-a1c5-16544feb0ae6&ttd_puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=ogury&bsw_param=70ecc19f-2d87-4435-9481-5fea364312e5
  • https://ms-cookie-sync.presage.io/user-sync?gdpr=&gdpr_consent=&bidswitch_id=70ecc19f-2d87-4435-9481-5fea364312e5&ssp_data=init%3Aogy
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?gdpr=&gdpr_consent=&bidswitch_id=70ecc19f-2d87-4435-9481-5fea364312e5&ssp_data=init%3Aogy
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:40 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//ms-cookie-sync.presage.io/user-sync?gdpr=&gdpr_consent=&bidswitch_id=70ecc19f-2d87-4435-9481-5fea364312e5&ssp_data=init%3Aogy
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Aug 2025 02:44:39 GMT
user-sync
ms-cookie-sync.presage.io/ Frame 7E52
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ms-cookie-sync.presage.io/user-sync?xandr_id=$UID&gdpr=0&gdpr_consent=
  • https://ms-cookie-sync.presage.io/user-sync?xandr_id=2024682871925848210&gdpr=0&gdpr_consent=
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?xandr_id=2024682871925848210&gdpr=0&gdpr_consent=
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, private
location
https://ms-cookie-sync.presage.io/user-sync?xandr_id=2024682871925848210&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
180.149.228.70; 180.149.228.70; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f2e7eb8e-3790-4cb1-8eaa-f3d4f2cfc9ef
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
713263.gif
id.rlcdn.com/ Frame 7E52 		0
0
ecm3
s.amazon-adsystem.com/ Frame 7E52 		43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=c1ebcd5b-4e76-4423-841e-6e5e6bedc644
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
3RCS5CD0XXY3D319BGEM
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:37 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
sync
ssbsync.smartadserver.com/api/ Frame 932B 		893 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
f233d62271db02edef5fd68b4a6b4cb07013af4ac2fdb0912cc88a6868cefe9c

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,no-store
content-length
893
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
userSync.js
ads.pubmatic.com/AdServer/js/ Frame 7E52 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.225.41 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f184b71270cacb6f82245aed56defc8891dd489cc3a175da7ff7e674b362e98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ms-cookie-sync.presage.io/

Response headers

cache-control
max-age=23325
content-encoding
gzip
expires
Tue, 12 Aug 2025 09:13:22 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
3393
date
Tue, 12 Aug 2025 02:44:37 GMT
last-modified
Wed, 13 Nov 2024 05:17:03 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.html
sync.clearnview.com/ Frame A531 		26 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.clearnview.com/sync.html?gdpr=0&gdpr_consent=&pubid=14&redirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fbrave_id%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.62.12.186 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://ms-cookie-sync.presage.io
Connection
keep-alive
Date
Tue, 12 Aug 2025 02:44:38 GMT
Keep-Alive
timeout=5
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame F596
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
server
AkamaiGHost
match
c1.adform.net/serving/cookie/ Frame B7D6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=
35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 12 Aug 2025 02:44:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
um.simpli.fi/ Frame EDCE 		43 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
43
content-type
image/gif
date
Tue, 12 Aug 2025 02:44:38 GMT
expires
Mon, 11 Aug 2025 02:44:38 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame D042
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:78aa689a-aa96-4d00-aee7-8042970cc38b&gdpr=0&gdpr_consent=
42 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:78aa689a-aa96-4d00-aee7-8042970cc38b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Aug 2025 02:44:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Date
Tue, 12 Aug 2025 02:44:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 2082 0091691 master ord ord-pixel-x7 config_version:"373"
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
X-XSS-Protection
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:78aa689a-aa96-4d00-aee7-8042970cc38b&gdpr=0&gdpr_consent=
A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BFB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.230.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-230-57.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age
0
content-length
43
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
content-type
image/gif
date
Tue, 12 Aug 2025 02:44:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
ecm3
s.amazon-adsystem.com/ Frame 59E2 		43 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Aug 2025 02:44:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8HD8W34VNVGH396YVCZP
demconf.jpg
dpm.demdex.net/ Frame 69F9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
44.239.208.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-208-182.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-usw2-1-v074-07a6f87df.edge-usw2.demdex.com 6 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
5OrkHg6OR7I=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
dcs
dcs-prod-usw2-2-v074-05320d61b.edge-usw2.demdex.com 0 ms
pragma
no-cache
x-tid
jdG+eKibSa4=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Tue, 12 Aug 2025 02:44:38 GMT
sync
pippio.com/api/ Frame 69F9
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEEwRDMzNTFDLUVCMTYtNEY5Qy05RUZFLTMyMTdBM0RENTNBNBAAGg0IldXqxAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7e3fd3749a280e259d32f184c21d421ba18930810fdd1b293ba8419871e81d31791426b5417dce21&_=2
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=7e3fd3749a280e259d32f184c21d421ba18930810fdd1b293ba8419871e81d31791426b5417dce21&_=2
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
107.178.254.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=7e3fd3749a280e259d32f184c21d421ba18930810fdd1b293ba8419871e81d31791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
info
uipglob.semasio.net/adform/1/ Frame 69F9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4&sInitiator=external&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=A0D3351C-EB16-4F9C-9EFE-3217A3DD53A4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=565444fc-936b-4bea-a1c5-16544feb0ae6
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=565444fc-936b-4bea-a1c5-16544feb0ae6
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=2024682871925848210&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7306458255467672195&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=7306458255467672195&gdpr=0&gdpr_consent=&sInitiator=internal
  • https://sync.srv.stackadapt.com/sync?nid=semasio
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=75w8CirDUpREm6Je1BvjLLSV5EY&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=2024682871925848210&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7306458255467672195&sInitiator=internal&gdpr=0&gdpr_consent=
42 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7306458255467672195&sInitiator=internal&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
95.173.218.112 Singapore, Singapore, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-95-173-218-112.datapacket.com
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Routing-Server-ID
-1
Frontend-ID
5
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 01 Jan 2011 12:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
42
UIP-Response-Status
Ok
Date
Tue, 12 Aug 2025 02:44:42 GMT
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
location
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=7306458255467672195&sInitiator=internal&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Tue, 12 Aug 2025 02:44:42 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
Pug
image2.pubmatic.com/AdServer/ Frame 69F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTBEMzM1MUMtRUIxNi00RjlDLTlFRkUtMzIxN0EzREQ1M0E0&gdpr=0&gdpr_consent=&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
42 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 69F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oNM1HOsWT5ye_jIXo91TpA%3D%3D&gdpr=0&gdpr_consent=&google_cm
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEEJfBlHCob3zbyZCEnPBx6I&google_cver=1
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEEJfBlHCob3zbyZCEnPBx6I&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2.18.225.41 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
max-age=143564
content-encoding
gzip
expires
Wed, 13 Aug 2025 18:37:21 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
6694
date
Tue, 12 Aug 2025 02:44:37 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
content-type
text/html
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEEJfBlHCob3zbyZCEnPBx6I&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
362
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
Pug
image2.pubmatic.com/AdServer/ Frame 69F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_n-Seedtag_n-Ogury_rbd_n-MediaNet_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP7zVdNeHlMf-3Qpr-nvwIQ&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
v3
id5-sync.com/gm/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
081b76ef0f19d2ceab61649df2a614abaef263652db056cbdda94d865bdbcc62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.theguardian.com
p3p
CP="CAO PSA OUR"
date
Tue, 12 Aug 2025 02:44:37 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 505B 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3D%26pubmatic_id%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.225.41 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=143564
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 12 Aug 2025 02:44:37 GMT
expires
Wed, 13 Aug 2025 18:37:21 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F596 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
98e5e47b586419dd4184a0f7eb9b254a2e0ac626203f26656448dc02d1f68b31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=ap-northeast-1&gdpr_consent=

Response headers

cache-control
max-age=86032
content-encoding
gzip
expires
Wed, 13 Aug 2025 02:38:29 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11461
date
Tue, 12 Aug 2025 02:44:37 GMT
last-modified
Tue, 12 Aug 2025 02:38:29 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 75C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1cDctGKXv_2_S_xFtqFYH_lVvn59DDWIVMPazPq8SCJFldeKCN1K4q4-SB1LCb_B-xqNDGola66wpZtnCSvx3Xvgc3qye41BBEK0De878kYo4vSfrwxtAmt4j4soHkJPIYd_gdkZzKva1mVjObS9r89WPE4-tsA3dyrVcXn0icub63miR8v7sASbHEM_TbgMA1Ic9kDNqn_gI42rV-_QdcMN_pcvPhUEz8W7x78TLpUNdXktOxiP2UmVaIqprDmfl6JKDWD-u_i7GoaJ5R9EihSCiLP2eQ7w1Mnjde9tfe61uxUX1rFN2oM2pdD-wSjRbywBWgwEkEUh7Mja5EYSn2l92GEC_srRYc_rig7E_Sm2QJ7eVGd-SLsZdfh69I4H8PcWVPkS56-ImJodvihpM-M0PUYnkSSq5QPNcvSVD7SCgrI2i1AYuqlM15UX7Py8wiFZtbNcZLCsi7dahnTr6LKJ_DOg_&sai=AMfl-YRXt6d3q9-kH56CBveWBn882QysQjzfv8m2GlGQESlMvJuOJqKe-5GMQnMYsKEYUzlMjNE8nhPriPCI0O5V46iqo0bE-234SyV9xJrjDMcHfrBRZ9ZjTKHGQYodbzBnElcdeMKrSe52egGGxsdABd4F7Rwo_bP2QLAEn4bGp4-cwbEM9L0NgHZnZHEGptkMYmSVno70lwPjycjBCtyBYUvS96ftdY9nUsNtvXviRhyew1kRZLGfx7csibS4ygMiDQ0&sig=Cg0ArKJSzNHyW65Ur9pLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 12 Aug 2025 02:44:37 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 75C9 		222 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
236c34aed623ea7a65d75d7e3e0bac4bfcd6dc070ea1abbdb3db3ea5be4a1061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
etag
5776204965252557975
age
1619
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 03:17:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Aug 2025 02:17:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69782
x-xss-protection
0
server
cafe
pixel
protected-by.clarium.io/ Frame 75C9 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_N29EZ2lUc3E4OFVTNHJyQkcwX054cGFma3JnLzI2NzM1Njk2ODQ6OTcweDI1MA==&v=5&s=v31j2e2kmcu&id=eyJkZnAiOnsiYWQiOjQ3NTE1MjU0MTEsImMiOjEzODMwNDkwMzQxNSwibCI6NTMxNzg2NjIyMywibyI6MjY3MzU2OTY4NCwiQSI6Ii81OTY2NjA0Ny90aGVndWFyZGlhbi5jb20vYXVzdHJhbGlhLW5ld3MvYXJ0aWNsZS9uZyIsInkiOjAsImNvIjowLCJzIjoiZGZwLWFkLS10b3AtYWJvdmUtbmF2In19&cb=2959529&h=www.theguardian.com&d=eyJ3aCI6Ik4yOUVaMmxVYzNFNE9GVlROSEp5UWtjd1gwNTRjR0ZtYTNKbkx6STJOek0xTmprMk9EUTZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjczNTY5Njg0LCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.225.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-225-73.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/png
server
nginx/1.18.0 (Ubuntu)
khaos.json
token.rubiconproject.com/ Frame F596 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
content-length
7
content-type
application/json; charset=UTF-8
user-sync
ms-cookie-sync.presage.io/ Frame 932B 		35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?equativ_id=1079396217920414903&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 932B
Redirect Chain
  • https://s.company-target.com/s/eqx?sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D152%26partneruserid%3DPARTNER_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=152&partneruserid=20332318-5630-4b72-8276-b1a1ebb71307
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=152&partneruserid=20332318-5630-4b72-8276-b1a1ebb71307
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=152&partneruserid=20332318-5630-4b72-8276-b1a1ebb71307
access-control-allow-methods
GET,OPTIONS
via
1.1 google
access-control-allow-origin
*.smartadserver.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 932B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=wrOdbigaDbHW&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=wrOdbigaDbHW&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:37 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=wrOdbigaDbHW&ev=1&pid=560288&gdpr_consent=&gdpr=0
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-799d74f574-t57h8
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
server
Jetty(12.0.22)
redir
rtb-csync.smartadserver.com/ Frame 932B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC8DE7RNVUAABrOZHkNoQ&partnerid=127&gdpr=0
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAC8DE7RNVUAABrOZHkNoQ&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAC8DE7RNVUAABrOZHkNoQ&partnerid=127&gdpr=0
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:38 GMT
Server
gunicorn
Connection
keep-alive
/
rtb-csync.smartadserver.com/redir/ Frame 932B
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b3b07469-b470-4c87-9700-63e32c8dfb5b&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b3b07469-b470-4c87-9700-63e32c8dfb5b&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

expires
0
cache-control
no-cache, no-store, must-revalidate
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b3b07469-b470-4c87-9700-63e32c8dfb5b&gdpr=0&gdpr_consent=[GDPR_CONSENT]
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
server
nginx
truncated
/ Frame BFB1 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame BFB1 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 9312 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202508070101&jk=8150879539083960&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/
server
cafe
QL4c9_D_4W8yixfsBTQno-HlMjbspuM1TyWGGtZzSMY.js
pagead2.googlesyndication.com/bg/ Frame 6FE3 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QL4c9_D_4W8yixfsBTQno-HlMjbspuM1TyWGGtZzSMY.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
40be1cf7f0ffe16f328b17ec053427a3e1e53236eca6e3354f25861ad67348c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
326580
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Aug 2026 08:01:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Aug 2025 08:01:38 GMT
last-modified
Mon, 04 Aug 2025 09:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21000
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jload
pixel.adsafeprotected.com/ Frame E745 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10249&campId=970x250&pubId=4751525411&chanId=85574607&placementId=5317866223&pubCreative=138304903415&pubOrder=2673569684&custom=article&custom2=top-above-nav&custom3=au&adsafe_par&impId=48282be1-7726-11f0-8f66-8ae1a1b3060b
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
bc7e6b372fc82a8f2ca378d540ec7da05a7f53de1ec6a735e1d920dd54a51744

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
admi
aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/ Frame 61FB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/admi?b=JO_-tvRtlkf3T1SbyIgAyDkAAAGYnCpQjQUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAeyXa7&rnd=4237970649641754966677915&pp=1i9kpog&p=3f54ao&crid=2307:uoaob3qf&ep=%7B%22ce%22%3A%221%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-123.syd62.r.cloudfront.net
Software
Server /
Resource Hash
55dff53154d9a2be862ddec1dc0a0eab586e7c3cb3e86dfbd28d892d500be427

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-store, max-age=0
content-encoding
gzip
content-length
5226
content-type
text/html;charset=UTF-8
date
Tue, 12 Aug 2025 02:44:37 GMT
server
Server
via
1.1 48e2dac80dc53d66fef4721e63ea9f44.cloudfront.net (CloudFront)
x-amz-cf-id
LQTsxy5v0CBsCfqgN_Li317zze_eDh27ryBcJ7f82tyk3V_3dDZYiA==
x-amz-cf-pop
SYD62-P3
x-cache
Miss from cloudfront
csm_othersv6.js
c.amazon-adsystem.com/bao-csm/direct/ Frame 75C9 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv6.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
Server /
Resource Hash
94a26e328e233d2c4b23f966f0836d1974b8b1db6ede373bbf9d9e97f478239b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
196984c43b1ab892e77abe088cd8e908
x-amz-version-id
RFpLbSCrvXeKCA9u0rxcP_gONyLhh3UT
age
77060
via
1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
zmMCpxU56T8G9DCLsf_Xzk0wXTCqz8CaObHSl89metF8cDbgzqtLHw==
date
Mon, 11 Aug 2025 05:20:18 GMT
content-type
application/javascript
x-amz-cf-pop
SYD62-P3
server
Server
x-amz-server-side-encryption
AES256
truncated
/ Frame 75C9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0ff1dec4a66bb5c8ce550c5dc6f9a6321bf2751354181c28b261ff58655b7fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
18.gif
id5-sync.com/qp/
Redirect Chain
  • https://id5-sync.com/i/182/8.gif?o=api&id5id=ID5*k171rU1XIvxUWHf95jQH1kDR0c9Sqb2B-aJ2qLuWaqg8hTsF69HNYuUFGaq2g_gK&gdpr_consent=undefined&gdpr=false
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/182/112/7/2.gif?puid=B1DBE549E5CD84C6&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/182/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/182/2/6/3.gif?puid=2024682871925848210&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/182/108/5/4.gif?puid=a686faf8-4dae-4e3a-afd9-12e429c40d4f&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=565444fc-936b-4bea-a1c5-16544feb0ae6&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/182/10/3/6.gif?puid=7306458255467672195&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F182%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/182/123/2/7.gif?puid=1989c2a6944-40f70000010d4feb&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEM_sq2JkhqCTQ4VsxWzsVho&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2024682871925848210&opid=apx&ops=&utidl=tech:goo:CAESEM_sq2JkhqCTQ4VsxWzsVho&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A139380022699&gdpr=0&gdpr_consent=&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xODImZm9ybWF0PWdpZiY
0
0
main.19.8.605.js
static.adsafeprotected.com/ Frame E745 		264 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.605.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dcc938319b723d0d5c25216428462994400e34f8c1466bdb36e6a9de78cdf79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
x-amz-version-id
5Kbm9svbbbhmSDjM.sHIlgcSiXVfz7Ck
etag
W/"126ce5e89c733af2a9e37aec9a7a1a09"
age
2186348
x-cache
Hit from cloudfront
x-amz-cf-id
DzMPxAE2k0waAyKBIG3NnQvWiKv2qG6Wdq4tN8GbmZyR9amSH6x2aw==
date
Thu, 17 Jul 2025 19:25:30 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 16 Jul 2025 20:47:58 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=315360000, immutable
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
usersync
usersync.gumgum.com/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=ME7XUHV7-12-IF18
  • https://usersync.gumgum.com/usersync?b=mag&i=ME7XUHV7-12-IF18
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=ME7XUHV7-12-IF18
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.179.195.13 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-195-13.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
private, no-store, must-revalidate, max-age=0
Content-Length
35
Date
Tue, 12 Aug 2025 02:44:38 GMT
Pragma
no-cache
Content-Type
image/gif
Connection
keep-alive

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://usersync.gumgum.com/usersync?b=mag&i=ME7XUHV7-12-IF18
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
content-length
0
Content-Type
text/html
generate_204
ep2.adtrafficquality.google/ Frame 6FE3 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?Q1FF7g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
cross-origin-resource-policy
cross-origin
config.js
cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/ Frame 61FB 		258 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Requested by
Host: aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com
URL: https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/admi?b=JO_-tvRtlkf3T1SbyIgAyDkAAAGYnCpQjQUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAeyXa7&rnd=4237970649641754966677915&pp=1i9kpog&p=3f54ao&crid=2307:uoaob3qf&ep=%7B%22ce%22%3A%221%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.90 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77893f1c3e94777f061ccb1e400ae0595179044b4747a5ef701702cbd61c10b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"efb5f090140e5074674ed42bd85d5cb9"
age
348
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
text/javascript
last-modified
Tue, 12 Aug 2025 02:19:04 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
UeWEtvQiIGbH3aMz0eZ6nWusQKuW+wrfv54uTlfCS2FEwxAxZkXzPxCLwY457VnTEgQhvaHJ9Pg=
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
96dca1caf9e1486c-SYD
x-amz-request-id
7HXMBCVCRHBVTVT4
accept-ranges
bytes
content-length
56829
server
cloudflare
x-amz-server-side-encryption
AES256
user-sync
ms-cookie-sync.presage.io/ Frame F596
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=&khaos=ME7XUHV7-12-IF18
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=ME7XUHV7-12-IF18
35 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?magnite_id=ME7XUHV7-12-IF18
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/user-sync.html?source=tam
Protocol
H2
Server
57.183.43.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-183-43-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
35
date
Tue, 12 Aug 2025 02:44:38 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ms-cookie-sync.presage.io/user-sync?magnite_id=ME7XUHV7-12-IF18
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4290507b7388fb86809e552482e2fff0
content-length
0
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 8BA7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUU3WFVIVjctMTItSUYxOA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMg1hPTbQ5GEO60zhDq3wW4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUU3WFVIVjctMTItSUYxOA==&google_push=
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUU3WFVIVjctMTItSUYxOA==&google_push=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
142.250.70.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUU3WFVIVjctMTItSUYxOA==&google_push=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
content-length
0
Content-Type
text/html
ecm3
s.amazon-adsystem.com/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
E248NHKS8MVRDNXHJBC9
Content-Length
43
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=ME7XUHV7-12-IF18&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4290507b7388fb86809e552482e2fff0
content-length
0
Content-Type
text/html
dcm
s.amazon-adsystem.com/ Frame 8BA7 		43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
CQAS3G6N2M7MMEEMWTNM
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 8BA7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CHIwZtSssWtpRlyQBspSfMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YvGd7sdE2oLKVG41FqeK06vj6_q8NNwfiDBN1Q--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YvGd7sdE2oLKVG41FqeK06vj6_q8NNwfiDBN1Q--~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YvGd7sdE2oLKVG41FqeK06vj6_q8NNwfiDBN1Q--~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
server
ATS
x-frame-options
DENY
tap.php
pixel.rubiconproject.com/ Frame 8BA7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=565444fc-936b-4bea-a1c5-16544feb0ae6&gdpr=0&gdpr_consent=&expires=30
content-length
289
date
Tue, 12 Aug 2025 02:44:38 GMT
server
Kestrel
pixel
cm.g.doubleclick.net/ Frame 8BA7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjY5NWUwZjI4NGIzMTg0NTM0Yjg5Mjk5ZGE0NmQyOWRhY2UyMzYwOQ
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjY5NWUwZjI4NGIzMTg0NTM0Yjg5Mjk5ZGE0NmQyOWRhY2UyMzYwOQ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
142.250.70.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjY5NWUwZjI4NGIzMTg0NTM0Yjg5Mjk5ZGE0NmQyOWRhY2UyMzYwOQ
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Pragma
no-cache
content-length
0
setuid
px.ads.linkedin.com/ Frame 8BA7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ME7XUHV7-12-IF18
0
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ME7XUHV7-12-IF18
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 42D59272618B4706AA65DCAE978769B9 Ref B: SYD281080706042 Ref C: 2025-08-12T02:44:38Z
x-li-fabric
prod-lor1
x-li-uuid
AAY8IgV5Pgmt+MFBrFpWDg==
x-li-proto
http/2
alt-svc
h3=":443"; ma=86400
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ME7XUHV7-12-IF18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Pragma
no-cache
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8BA7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENSu9lyNUN1uZW0JruUb_cs&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENSu9lyNUN1uZW0JruUb_cs&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENSu9lyNUN1uZW0JruUb_cs&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8BA7 		43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
KT5NAHWZD8XFMDRSHK9G
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 12 Aug 2025 02:44:39 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 8BA7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABScE7RNVUAABuXw3kVZg&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABScE7RNVUAABuXw3kVZg&expires=30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABScE7RNVUAABuXw3kVZg&expires=30
Content-Length
0
Date
Tue, 12 Aug 2025 02:44:38 GMT
Server
gunicorn
Connection
keep-alive
magnite
sync.a-mo.net/setuid/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://sync.a-mo.net/setuid/magnite?uid=ME7XUHV7-12-IF18
0
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/magnite?uid=ME7XUHV7-12-IF18
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 12 Aug 2025 02:44:38 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.a-mo.net/setuid/magnite?uid=ME7XUHV7-12-IF18
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame 8BA7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c36a899b-3090-49a0-9ad2-000c1dba0615&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c36a899b-3090-49a0-9ad2-000c1dba0615&expires=30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d335433bbbe0efeac67146df47932f6f
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

X-CI-RTID
6dc3f510-acd7-430f-9e7c-4f28502cdd0b
Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c36a899b-3090-49a0-9ad2-000c1dba0615&expires=30
Content-Length
144
Date
Tue, 12 Aug 2025 02:44:38 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
v1
match.sharethrough.com/sync/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=ME7XUHV7-12-IF18
68 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=ME7XUHV7-12-IF18
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
13.228.29.185 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=ME7XUHV7-12-IF18
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
content-length
0
Content-Type
text/html
setuid
ib.adnxs.com/prebid/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=ME7XUHV7-12-IF18
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=ME7XUHV7-12-IF18
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
180.149.228.70; 180.149.228.70; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
6adce527-40f1-4a23-8b3e-949b96474823
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.25.5

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=ME7XUHV7-12-IF18
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
content-length
0
Content-Type
text/html
pixel
capi.connatix.com/us/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=ME7XUHV7-12-IF18&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=ME7XUHV7-12-IF18&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
172.64.146.152 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
96dca1ce5906571d-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://capi.connatix.com/us/pixel?puid=ME7XUHV7-12-IF18&pId=11&gdpr=&gdpr_consent=&us_privacy=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
content-length
0
Content-Type
text/html
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202508051250/ Frame 61FB 		362 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202508051250/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.90 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af774b086388ae8760744f484d6277ee45760c64903eab0d9d63ff837eb3086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b76b3741190230b4fa176d1693b8d7ca"
age
286869
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Aug 2025 16:51:33 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
8oc4sFfD7jxQlOtanNOA0tmVjZWOMt7kjJe/rkrd++icMY2olYO+oLv2JSqse7TuT/+amvA+HBo=
cache-control
public, max-age=31536000
cf-ray
96dca1cb2a37486c-SYD
x-amz-request-id
BSY96YCGBHR83CVQ
accept-ranges
bytes
content-length
129970
server
cloudflare
x-amz-server-side-encryption
AES256
check
pixel.tapad.com/idsync/ex/receive/ Frame 8BA7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=ME7XUHV7-12-IF18
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=ME7XUHV7-12-IF18
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=ME7XUHV7-12-IF18
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.25) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/png
server
Jetty(11.0.25)

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=ME7XUHV7-12-IF18
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
server
Jetty(11.0.25)
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-107857&ch=au-107857_c25_australia-news_S&asn=australia-news&fp_id=ktxbeemol1uboaccbfp3riedjmmj01754966675&fp_cr_tm=1754966675344&fp_acc_tm=1754966675344&fp_emm_tm=1754966675344&ve_id=&sessionId=5rtywxprhxhrhqdhccp8lierawsel1754966675&prv=1&c6=vc,c25&ca=NA&c13=asid,P505182AA-1D71-49D8-8287-AA222CD05424&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,theguardian&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,hntv9x5yskzzxtgfyqcvyp5iqht7j1754966675&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1754966675342188&c30=bldv,6.0.0.734&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c3=st,c&c64=starttm,1754966677&adid=australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c58=isLive,false&c59=sesid,&c61=createtm,1754966678&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&c66=mediaurl,&sdd=&c62=sendTime,1754966678&rnd=534552
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.22.212 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-22-212.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
44
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
image/gif
server
nginx
f7bf47d5-09c1-49a8-af57-4156e3348d9c
https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/ Frame 7EF2 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/f7bf47d5-09c1-49a8-af57-4156e3348d9c
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202508051250/wrap.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5b05481e12ae47fd0c27456f5c60ce8adaddc9ebffcf798c694b238288b564

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
application/javascript
Content-Length
2982
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=8150879539083960&correlator=2786344289421181&eid=31093713%2C31093979%2C83321072%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202508070101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Caustralia-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C300x600&fluid=height&ifi=2&didk=1814385681&dids=dfp-ad--right&adfs=3051362440&sfv=1-0-45&sc=1&cookie=ID%3Dd7b4ba26a1320798%3AT%3D1754966677%3ART%3D1754966677%3AS%3DALNI_MbcV5pyak_6tAt9ffZI1faTqWq0IA&gpic=UID%3D0000117eb574457d%3AT%3D1754966677%3ART%3D1754966677%3AS%3DALNI_MYMbxSHuzbK8Qe9ZjR022hSr15Lyw&abxe=1&dt=1754966678408&lmt=1754966678&adxs=1280&adys=536&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&vis=1&psz=300x980&msz=2x2&fws=516&ohw=1600&psts=AOrYGskXIdkj1c7kDw8zQDDM5KJhtsSg6hLyCR9HpcScJi-P7GZ-q1CsOdvCQFZ4M7Ps0H-eswIkpXAXETXdVg6lJ3MBdvLmPunIORZjvRD3yYStfAomUjenUL79YJcOdw&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGU4MjkwMTdiLTQwNTItNDA3NC1iM2Y3LTIxYTM5M2I3ZTJhOVgBEh0KDmVzcC5jcml0ZW8uY29tGM-dqeGJM0gAUgIIZBJWCgxpZDUtc3luYy5jb20SRElENSotamZMRmlRLUhFYzlNVWxHajEwNWJTbTQ3M1E3d0lNNmtNdElFOUxfVkJNOGhRcGs2UlMzMFZJNkMtS2RmRHlkWAE.&cbidsp=CqUGCAESFwoGY3JpdGVvEN0DIAI4AVIGY3JpdGVvEg8KAml4EPwCIAI4AVICaXgSHwoKdHJpcGxlbGlmdBCeAiACOAFSCnRyaXBsZWxpZnQSGAoDb3hkEPUCIAI4AVIFb3BlbnhSA294ZBIRCgN0dGQQnwUgAjgBUgN0dGQSpgEKAml4EPsCGpIBChA0MWFlMTY5MjM1YjY0Njc4EJD0HRoDVVNEIgloYl9iaWRkZXIiB2hiX2FkaWQiBWhiX3BiIgdoYl9zaXplIgloYl9mb3JtYXQiDGhiX2JpZGRlcl9peCIKaGJfYWRpZF9peCIIaGJfcGJfaXgiCmhiX3NpemVfaXgiDGhiX2Zvcm1hdF9peCgBOgYIrAIQ2AQgATAAOAFSAml4Ep4BCghwdWJtYXRpYxCHBRp_Cg40NWU5ZTg0Y2VhZjZmNRDQuxsaA1VTRCISaGJfYmlkZGVyX3B1Ym1hdGljIhBoYl9hZGlkX3B1Ym1hdGljIg5oYl9wYl9wdWJtYXRpYyIQaGJfc2l6ZV9wdWJtYXRpYyISaGJfZm9ybWF0X3B1Ym1hdGljKAE6BgisAhDYBCABMAA4AVIIcHVibWF0aWMSmAEKB3J1Ymljb24Q_gEaewoPMzhlN2VhOTJjZTIzODJjELDMCxoDVVNEIhFoYl9iaWRkZXJfcnViaWNvbiIPaGJfYWRpZF9ydWJpY29uIg1oYl9wYl9ydWJpY29uIg9oYl9zaXplX3J1Ymljb24iEWhiX2Zvcm1hdF9ydWJpY29uKAE6BgisAhDYBCABMAA4AVIHcnViaWNvbhKHAQoDYW5kEIcFGmgKEDQzMTZlNDc4Mjk0NjM1NTgQ6PUDGgNVU0QiDWhiX2JpZGRlcl9hbmQiC2hiX2FkaWRfYW5kIgloYl9wYl9hbmQiC2hiX3NpemVfYW5kIg1oYl9mb3JtYXRfYW5kKAE6BgisAhD6ASABMAA4AVIIYXBwbmV4dXNSA2FuZBgCIiRmODk0MjFjOS0wOTlmLTQzMTgtYTE5ZS1iZjI1ODA4MDgzZjMqBAgDIAAyB3Y5LjI3LjBA3AtKAA..&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1754966673878&idt=1195&prev_scp=slot%3Dright%26testgroup%3D63%26id%3D4828796b-7726-11f0-953f-f2f32a18cd5b%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26teadsEligible%3Dfalse%26amznbid%3D8rfaww%26amznp%3D3f54ao%26amzniid%3DJDJy1F-IiOhXQfswtbC1lkYAAAGYnCpSjwUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCKdbLL%26amznsz%3D300x600%26amznactt%3DOPEN%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.19%26hb_adid_rubicon%3D38e7ea92ce2382c%26hb_bidder_rubicon%3Drubicon%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x600%26hb_pb_pubmatic%3D0.45%26hb_adid_pubmatic%3D45e9e84ceaf6f5%26hb_bidder_pubmatic%3Dpubmatic%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.49%26hb_adid_ix%3D41ae169235b64678%26hb_bidder_ix%3Dix%26hb_format_and%3Dbanner%26hb_size_and%3D300x250%26hb_pb_and%3D0.06%26hb_adid_and%3D4316e47829463558%26hb_bidder_and%3Dand%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.49%26hb_adid%3D41ae169235b64678%26hb_bidder%3Dix&cust_params=permutive%3D137631%252C151037%252C155919%252C184196%252C23527%252Cadv%252Crts%252Crts%252Crts%252Crts%252Crts%26amtgrp%3D11%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Dna%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dau%26tn%3Dnews%26p%3Dng%26k%3Dhealth%252Cscams%252Caustralia-news%252Cbusiness-australia%252Caustralian-competition-and-consumer-commission%252Cinternet%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fx2z2fb%26co%3Dcatie-mcleod%26url%3D%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb%26dcre%3Dt%26rc%3D4%26rp%3Ddotcom-rendering%26s%3Daustralia-news%26sens%3Df%26urlkw%3Donline%252Cshoppers%252Cweight%252Closs%252Cscam%252Cghost%252Cstores%252Cimpersonate%252Creal%252Cpeople%252Csell%252Cozempic%252Clike%252Ctreatments%252Cntwnfb%26allkw%3Donline%252Cshoppers%252Cweight%252Closs%252Cscam%252Cghost%252Cstores%252Cimpersonate%252Creal%252Cpeople%252Csell%252Cozempic%252Clike%252Ctreatments%252Cntwnfb%252Chealth%252Cscams%252Caustralia-news%252Cbusiness-australia%252Caustralian-competition-and-consumer-commission%252Cinternet%26cc%3DAU%26lh%3D10%26pv%3Dme7xug30oi67f959097o%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D4a2a3d2d-559a-46a5-b552-ec792b7fbad8%26prmtvvid%3Db710a18c-5e3b-4af5-8e66-0fd63410399e%26prmtvsid%3Ddb3dd0c6-6745-42ac-bea3-e6b58fd8a96e%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3Dlow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fra%3Dfalse%26ias-kw%3DIAS_3030_KW%252CIAS_15682_KW%252CIAS_1525966_PG%252CIAS_1508982_PG%252CIAS_1516307_PG%252CIAS_1500095_PG%252CIAS_1500693_PG%252CIAS_1500175_PG%252CIAS_1507654_PG%252CIAS_1508974_PG%252CIAS_1506123_PG%252CIAS_1507659_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_1508967_PG%252CIAS_1512447_PG%252CIAS_11461_702_KW%252CIAS_SET%252CIAS_16425_KW%252CIAS_1525969_PG%252CIAS_18895_1753_KW%252CIAS_3696_450_KW%252CIAS_1509978_PG%252CIAS_1509993_PG%252CIAS_1509999_PG%263pc%3Dt%26prmtvctx%3Drts%252Crts%252Crts%252Crts&adks=3614581206&frm=20&eo_id_str=ID%3D05e1d08275fdbe83%3AT%3D1754966677%3ART%3D1754966677%3AS%3DAA-AfjY-W4CkwdJ8w35IuH4ww8rF&gblpids=%2F59666047%2Fgu%2Faustralia-news%2FArticle%2Fright&pb_szs=300x600%7C300x250&td=1&egid=28898&tan=8094dcfe-e925-49f2-86e3-e2458aacc450&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
11293c333d65edfe133e63c2ec337dd36c4a6f8a32c3209a51cda54a4c05bab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
dcb
google-lineitem-id
5317872706
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 12 Aug 2025 02:44:39 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138304903547
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.theguardian.com
content-length
4699
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 75C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvi9uXjS9CKaB7aHJMLPoOJx4Xgy5_ecEqsGKYR0HTefVkRCJEcfV38RusLmz-06PXE1oS-QV9xr_pMmLX26bzjcXy27IfSSKxJgSnfA0DTaEniFCYcaoYAbMvGsnZ0wYaqYSY0m6TqQa4m-pKrVFWmgqdfscg0qllDFxLJPMocOwempdIKBJKbYjZEtOpdNo2HAv21gnaD3RLZqPcMRX9clV4U4F-X_FwgR2O8_xOlJTfPedsiJAwygiAqXSNm_zKK-_Xr20txruiMwkdVFTdrI9OeSTGcrsFE1XT1HvGv8_7s7r1aHPE7cwjjLZSmVG4xE79nFZcHdvZOcgWEBZS87JqE2IUXCFhZ-V50WHe5n42NsGJzhLgXC0-MOKEdkGr98xOorkShPS_2xU3hv5zDgv5jb6-wHC4ZX3M1L14WoHtqRri_gfYX8X6XqJ9yoHYZdq66Kr3in4AKnUIjEOkJ-UWrzpBozA&sai=AMfl-YSgArczpAfy_FjmcdE7srL2neNC438bHfzgAo1FSLwpyAcU8kjj_kT3ijb7D8ArDZ9eZRFdP6XAWNrLAEFoszWiO1TkJk1KbJuFVl2nhca6ItYrkPiuxhaFYl-mBQpOwCPgmd8AJTRlXbStKeXahaIxY0Ot0OFMNswEaLbNvYU2MMQsW4wUtHvPi9VJvsrk7KdahgaPOKv97bPBmMmu1KsaQKCj1TqmEBd7C_mgQlFL-lS-p2wfDsRbcIVhOiZ3k14&sig=Cg0ArKJSzHEDrJCrfvJcEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 02:44:38 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		337 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=8150879539083960&correlator=2786344289421181&eid=31093713%2C31093979%2C83321072%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202508070101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Caustralia-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&ifi=3&didk=847271999&dids=dfp-ad--carrot&adfs=2317815126&sfv=1-0-45&sc=1&cookie=ID%3Dd7b4ba26a1320798%3AT%3D1754966677%3ART%3D1754966677%3AS%3DALNI_MbcV5pyak_6tAt9ffZI1faTqWq0IA&gpic=UID%3D0000117eb574457d%3AT%3D1754966677%3ART%3D1754966677%3AS%3DALNI_MYMbxSHuzbK8Qe9ZjR022hSr15Lyw&abxe=1&dt=1754966678426&lmt=1754966678&adxs=171&adys=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&vis=1&psz=620x5132&msz=220x0&fws=4&ohw=1600&psts=AOrYGskXIdkj1c7kDw8zQDDM5KJhtsSg6hLyCR9HpcScJi-P7GZ-q1CsOdvCQFZ4M7Ps0H-eswIkpXAXETXdVg6lJ3MBdvLmPunIORZjvRD3yYStfAomUjenUL79YJcOdw&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGU4MjkwMTdiLTQwNTItNDA3NC1iM2Y3LTIxYTM5M2I3ZTJhOVgBEh0KDmVzcC5jcml0ZW8uY29tGM-dqeGJM0gAUgIIZBJWCgxpZDUtc3luYy5jb20SRElENSotamZMRmlRLUhFYzlNVWxHajEwNWJTbTQ3M1E3d0lNNmtNdElFOUxfVkJNOGhRcGs2UlMzMFZJNkMtS2RmRHlkWAE.&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1754966673878&idt=1195&prev_scp=slot%3Dcarrot%26testgroup%3D59%26teadsEligible%3Dfalse&cust_params=permutive%3D137631%252C151037%252C155919%252C184196%252C23527%252Cadv%252Crts%252Crts%252Crts%252Crts%252Crts%26amtgrp%3D11%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Dna%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dau%26tn%3Dnews%26p%3Dng%26k%3Dhealth%252Cscams%252Caustralia-news%252Cbusiness-australia%252Caustralian-competition-and-consumer-commission%252Cinternet%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fx2z2fb%26co%3Dcatie-mcleod%26url%3D%252Faustralia-news%252F2025%252Faug%252F03%252Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb%26dcre%3Dt%26rc%3D4%26rp%3Ddotcom-rendering%26s%3Daustralia-news%26sens%3Df%26urlkw%3Donline%252Cshoppers%252Cweight%252Closs%252Cscam%252Cghost%252Cstores%252Cimpersonate%252Creal%252Cpeople%252Csell%252Cozempic%252Clike%252Ctreatments%252Cntwnfb%26allkw%3Donline%252Cshoppers%252Cweight%252Closs%252Cscam%252Cghost%252Cstores%252Cimpersonate%252Creal%252Cpeople%252Csell%252Cozempic%252Clike%252Ctreatments%252Cntwnfb%252Chealth%252Cscams%252Caustralia-news%252Cbusiness-australia%252Caustralian-competition-and-consumer-commission%252Cinternet%26cc%3DAU%26lh%3D10%26pv%3Dme7xug30oi67f959097o%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D4a2a3d2d-559a-46a5-b552-ec792b7fbad8%26prmtvvid%3Db710a18c-5e3b-4af5-8e66-0fd63410399e%26prmtvsid%3Ddb3dd0c6-6745-42ac-bea3-e6b58fd8a96e%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3Dlow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fra%3Dfalse%26ias-kw%3DIAS_3030_KW%252CIAS_15682_KW%252CIAS_1525966_PG%252CIAS_1508982_PG%252CIAS_1516307_PG%252CIAS_1500095_PG%252CIAS_1500693_PG%252CIAS_1500175_PG%252CIAS_1507654_PG%252CIAS_1508974_PG%252CIAS_1506123_PG%252CIAS_1507659_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_1508967_PG%252CIAS_1512447_PG%252CIAS_11461_702_KW%252CIAS_SET%252CIAS_16425_KW%252CIAS_1525969_PG%252CIAS_18895_1753_KW%252CIAS_3696_450_KW%252CIAS_1509978_PG%252CIAS_1509993_PG%252CIAS_1509999_PG%263pc%3Dt%26prmtvctx%3Drts%252Crts%252Crts%252Crts&adks=1053166097&frm=20&eo_id_str=ID%3D05e1d08275fdbe83%3AT%3D1754966677%3ART%3D1754966677%3AS%3DAA-AfjY-W4CkwdJ8w35IuH4ww8rF&td=1&egid=28898&tan=8094dcfe-e925-49f2-86e3-e2458aacc451&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
e9dc5c8edfd77f85e915cfc31f16d0216743dcdb2d8c39f9e6152109bc802cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
dcb
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.theguardian.com
content-length
166
x-xss-protection
0
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202508070101&jk=8150879539083960&bg=!MTKlMn3NAAZLBRduawU7ADQBe5WfOP3p3_rC01qCNDN48HN7BVIKbY8UKpAblNBZPNGafpWcw-iOLIAScKJ6jY30sNSFAgAAAFFSAAAAAmgBB34AN7z0MuvhwQBnRcVV0HZBEWj2kQj6xAWsMjSY8p51qykp8CmcXsZDKlkbKZCiPMlsCj-wZlw0RVsKACMjItxBiOHvvnFoijbrZm9eF9OawZk2TFzfDHRs8fZwTZ-yd5kCet8bEdXy-dpzmKgngWm6pYBCNCh6fCEfzGf-sHoMEwZuQSgOcZ6cYmDftMCoUv6B1U-FJha76OGiTlJ9HhtPhpQnuLy8I6Lfd195zFmadbHxyn_A6phMoTC1tOlTFZXKFq8hDneuMEU402luzvbzBw_4xiDi5oq5MHYrgI-F3w1MlWtI5JjyiTRS3qXzeg962FUQkYMb9z_Nj8r5DBxCbRMTYyeGTYQ2Y-IMD8q70qgf_5ksNJleSI0RRQN3k7_foTxljmkAy8hEQSkmb1BM2E9Zysw05uXmi12Bq_9AQqe5uv9yk36pjzmuhFRf3wj-vS0EVKFxIMKA-ozAI8XxW7fn5o6BA4FwTQrRT2uF4gO6O1NuGXzEQ2txpgEX2bSgwHsmVHpzmanzrVGuWyyGUCjE9GrLooQyHklUchhTsFzbIPRksivx7h2ntPkNoD_NB3G7Mp0nb8WFqsVRxPZHPCG_UXdKk-Eca8a-ONQhVS3N4ONdZrrROqmG7ghgmzfUVCflpjY4U_sP6LRzDJo7PRje1N92NGPU53RDnrLgO5K4SEPlzMLPtqmPoCH5OZQN_gypFf1r6MHg4wASPNtn30yD_pxUZKgtXawOusK8ZBunkgXzJGcszFJV8Ey_TbiqEsc9fRDbpLtzUvMQqHd182NXFeLupNod9QqOhgsvQ8tKuQV_nPZVkTKb_IIh12UPc33SazfP1i4UHtL5eSf_hbDAr2Mm9LtY2QDONi0DNtx70PSXsYe2qu4FeJAYakonpe4vnSqpfX8H-JTrfpfVIHzETt25XS_Z8igHt4sDaiDM_Kt6-esO1YfBBLbNOp5OdDpmlJNCiYf6o5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:38 GMT
x-xss-protection
0
content-type
image/
server
cafe
non-refreshable-line-items.json
www.theguardian.com/commercial/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/commercial/non-refreshable-line-items.json
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/commercial/c23ffa85864e55b85990/graun.consented-advertising.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e11b52a761069025bf1a187ee23fcae3fc94db7de7774a83e5514144027e917f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
etag
W/"hash-8410790563747362118"
age
0
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-gu-frontend-git-commit-id
d8abf9a7e2b227899d2a54420a1e49662b7559c8
date
Tue, 12 Aug 2025 02:44:38 GMT
content-type
application/json
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private,no-transform
x-gu-edition
au
x-timer
S1754966679.963071,VS0,VS0,VE0
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/commercial/non-refreshable-line-items.json
referrer-policy
no-referrer-when-downgrade
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=(), clipboard-read=()
accept-ranges
bytes
content-length
5404
x-xss-protection
1; mode=block
sca.17.6.4.js
static.adsafeprotected.com/ Frame 9D33 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
6088658
x-cache
Hit from cloudfront
x-amz-cf-id
pBAaUSV7ETTAlsRh07edvuTPO0UuRVmer8b20EUWsAoUrw4KSpHeVQ==
date
Mon, 02 Jun 2025 15:27:02 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10249&campId=970x250&pubId=4751525411&chanId=85574607&placementId=5317866223&pubCreative=138304903415&pubOrder=2673569684&custom=article&custom2=top-above-nav&custom3=au&adsafe_par&impId=48282be1-7726-11f0-8f66-8ae1a1b3060b&adsafe_url=https%3A%2F%2Fwww.theguardian.com%2Faustralia-news%2F2025%2Faug%2F03%2Fonline-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb&adsafe_type=abcedfq&adsafe_jsinfo=,id:1a783223-12be-a211-dfd1-a85266cac4d0,c:l4xv6I,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-ff9747f6c-75fjw,rg:au,pt:1-5-15,wc:80.80.1600.1200,ac:395.104.970.250,am:i,cc:395.104.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1095,mot:0,app:0,maw:0,tdt:s,fm:uTCJkCT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b12%7C1b131%7C1b132%7C1b133%7C1b134%7C1b135%7C1b14%7C1b151%7C1b152%7C1b153%7C1b154%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e%7C1f*.10249%7C1f1%7C1f21%7C1f22%7C1f23,idMap:1f*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1122,oid:49e7405b-7726-11f0-890c-7a91a0679367,v:19.8.605,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=1a783223-12be-a211-dfd1-a85266cac4d0&tv=%7Bc:l4xv6J,pingTime:-8,time:1122,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1123,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1121,wc:80.80.1600.1200,ac:395.104.970.250,am:i,cc:395.104.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~100%5D,as:%5B17~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uTCJkCT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b12%7C1b131%7C1b132%7C1b133%7C1b134%7C1b135%7C1b14%7C1b151%7C1b152%7C1b153%7C1b154%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e%7C1f*.10249%7C1f1%7C1f21%7C1f22%7C1f23,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1122%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.145.238.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-238-124.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=1a783223-12be-a211-dfd1-a85266cac4d0&tv=%7Bc:l4xv6W,pingTime:0,time:1135,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1121%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1135,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1121,wc:80.80.1600.1200,ac:395.104.970.250,am:i,cc:395.104.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B29~100%5D,as:%5B29~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uTCJkCT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b12%7C1b131%7C1b132%7C1b133%7C1b134%7C1b135%7C1b14%7C1b151%7C1b152%7C1b153%7C1b154%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e%7C1f*.10249%7C1f1%7C1f21%7C1f22%7C1f23,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1122,msd:0,ph:9054%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.145.238.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-238-124.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=1a783223-12be-a211-dfd1-a85266cac4d0&tv=%7Bc:l4xv78,pingTime:-2,time:1147,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:24,beZ:26,mfA:1119,cmA:1120,inA:1121,inZ:1132,prA:1132,prZ:1140,si:1146,poA:1147,poZ:1156,cmZ:1156,mfZ:1156,loA:1161,loZ:1164,ltA:1171,ltZ:1171,mdA:27,mdZ:1086%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN,newUser:true,dateCreated:2025-08-12T02:44:34.419Z,gpcEnabled:undefined%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1121%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1147,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1121,wc:80.80.1600.1200,ac:395.104.970.250,am:i,cc:395.104.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~100%5D,as:%5B41~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uTCJkCT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b12%7C1b131%7C1b132%7C1b133%7C1b134%7C1b135%7C1b14%7C1b151%7C1b152%7C1b153%7C1b154%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e%7C1f*.10249%7C1f1%7C1f21%7C1f22%7C1f23,idMap:1f*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1122,slid:%5Bgoogle_ads_iframe_/59666047/theguardian.com/australia-news/article/ng_1,google_ads_iframe_/59666047/theguardian.com/australia-news/article/ng_1__container__,dfp-ad--top-above-nav,bannerandheader%5D,msd:0,ph:9054,igt:1,sinceFw:24,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.145.238.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-238-124.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=1a783223-12be-a211-dfd1-a85266cac4d0&tv=%7Bc:l4xv7s,time:1167,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1167,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1121,wc:80.80.1600.1200,ac:395.104.970.250,am:i,cc:395.104.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B61~100%5D,as:%5B61~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uTCJkCT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b111%7C1b112%7C1b113%7C1b114%7C1b115%7C1b116%7C1b117%7C1b12%7C1b131%7C1b132%7C1b133%7C1b134%7C1b135%7C1b14%7C1b151%7C1b152%7C1b153%7C1b154%7C1b16%7C1b17%7C1b18%7C1b19%7C1c%7C1d%7C1e%7C1f*.10249%7C1f1%7C1f21%7C1f22%7C1f23,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1122,msd:0,ph:9054,igt:1,sis:1148%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.145.238.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-238-124.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 12 Aug 2025 02:44:39 GMT
pragma
no-cache
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 75C9 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_nCIzNzRsrsgI-bpKbixadJWjiP-2tuU3OwByrovKcTPHkkIIXfHPhdrYbXDHFJdWHujTnSBG0vaV9HuqJLfzbTtljnahIFu0P570IaEAO1jSNHwvkBjkfo1zVUXGb56-34Iw75D5yEd6I6i4fGWgbCcnO1niKcPesG_Oy3piQ7mfZic&sig=Cg0ArKJSzJxszGhB396yEAE&id=lidar2&mcvt=1000&p=24,315,274,1285&tm=1363.6999998092651&tu=363.4000005722046&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250806&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3288983813&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=5089947800&rst=1754966677840&rpt=576&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Aug 2025 02:44:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 3947 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQiNDtGOsbTUexHlM7mlnX6simCQ4xT_j6OBIy5D6SB56E6UCT8ab3ikkP7m6HfZrIbE1EIFqF63Cc_bPnqONTvOf3dcZR7M7PYOOmN1VPAama1TOpXnIagvrt4BPKTPAYd2rriE90KSby1CNDk60d20dqIlYdsU1KvN8vbOfZbw8AMc3kRoYQhDRdZbR9cxFPgZ47b0QaEfQglvFov034j7uxstgslkhMR5bz_HyY-c9RfjMP6IG5LoLZ-JjLM_jRMFJr6-YVoHRq03AEy4VicnLa2DTmdQEuMxPjk3fsbxnpuAcgiVwdAiod5i_rIlLrlqZjPmwRH_AeQS9U0-tTtd9f7XIC8ca29VEVwwRIii5ZZC9PJMlZvHLSt3yHyfHDQtzomZ99NS_HcPv96PH0iSgP1eRlOF-fdvaSSkpj448l-BkVDqG1UGuzfkJzM2sV7WcF4s78sQCJx8PNPawbyPtIl8o5&sai=AMfl-YTsgscBREeiGRvBQEbQWyJPyTImoFcZnxA3tcUMHGQj5W9Ca5DpJIA7_ziMznAiq91Vcs4OEnfFguLRs0C8dHxZNpSBBKudpyQro4rhCI9XEqMBg1eCaOwN93bhN82T7z7E0mHjDrjHoWF9k5995kQ5SYbrSRDNcd3M9UE5xl2hIXn5OZq1932KMuCFVMNL8HCYaAHmvgewTl963oVx67bAB68ke3XG76oQDe_G4eULYaRwmcCs1zWD7rVohTYg4uw&sig=Cg0ArKJSzFQ56FzNZzAGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 12 Aug 2025 02:44:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3947 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
236c34aed623ea7a65d75d7e3e0bac4bfcd6dc070ea1abbdb3db3ea5be4a1061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

content-encoding
br
etag
5776204965252557975
age
1619
x-content-type-options
nosniff
expires
Tue, 12 Aug 2025 03:17:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Aug 2025 02:17:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69782
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3947 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3947 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 12 Aug 2025 02:44:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jload
pixel.adsafeprotected.com/ Frame D732 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10249&campId=300x600&pubId=4751525411&chanId=85574607&placementId=5317872706&pubCreative=138304903547&pubOrder=2673903274&custom=article&custom2=right&custom3=au&adsafe_par&impId=4828796b-7726-11f0-953f-f2f32a18cd5b
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.253.228.139 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-228-139.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
5ab34575904cdef91dfc2cf30e59b1818b7f10ac4e8edb564cc600993451778b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Tue, 12 Aug 2025 02:44:39 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
admi
aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/ Frame C096 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-events-cell02-cf.ap-southeast.aps.axp.amazon-adsystem.com/e/dtb/admi?b=JDJy1F-IiOhXQfswtbC1lkYAAAGYnCpSjwUAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCKdbLL&rnd=1823788331101754966679524&pp=8rfaww&p=3f54ao&crid=2307:krxo1qhn&ep=%7B%22ce%22%3A%221%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-123.syd62.r.cloudfront.net
Software
Server /
Resource Hash
a33de52dd8317dc37df96b6d9092baa00826d1ff24316f7cec01b6cdaac541be

Request headers

Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-store, max-age=0
content-encoding
gzip
content-length
4286
content-type
text/html;charset=UTF-8
date
Tue, 12 Aug 2025 02:44:39 GMT
server
Server
via
1.1 48e2dac80dc53d66fef4721e63ea9f44.cloudfront.net (CloudFront)
x-amz-cf-id
RmrzFYzZ6m8cyMVFoSOVsh5yBKJ2VPAe9hOCYtPxYyDIxC6MkIel2A==
x-amz-cf-pop
SYD62-P3
x-cache
Miss from cloudfront
csm_othersv6.js
c.amazon-adsystem.com/bao-csm/direct/ Frame 3947 		58 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv6.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
Server /
Resource Hash
94a26e328e233d2c4b23f966f0836d1974b8b1db6ede373bbf9d9e97f478239b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.theguardian.com/australia-news/2025/aug/03/online-shoppers-weight-loss-scam-ghost-stores-impersonate-real-people-sell-ozempic-like-treatments-ntwnfb

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
196984c43b1ab892e77abe088cd8e908
x-amz-version-id
RFpLbSCrvXeKCA9u0rxcP_gONyLhh3UT
age
77060
via
1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
zmMCpxU56T8G9DCLsf_Xzk0wXTCqz8CaObHSl89metF8cDbgzqtLHw==
date
Mon, 11 Aug 2025 05:20:18 GMT
content-type
application/javascript
x-amz-cf-pop
SYD62-P3
server
Server
x-amz-server-side-encryption
AES256
pixel
protected-by.clarium.io/ Frame 3947 		68 B
243 B 		Image
General