urlscan.io logo urlscan.io
SecurityTrails logo

www.theguardian.com Open in urlscan Pro
2a04:4e42::367  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Submission: On January 14 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 10 countries across 94 domains to perform 392 HTTP transactions. The main IP is 2a04:4e42::367, located in United States and belongs to FASTLY, US. The main domain is www.theguardian.com. The Cisco Umbrella rank of the primary domain is 6828.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 14th 2023. Valid for: a year.
This is the only time www.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2a04:4e42::367 54113 (FASTLY)
23 2a04:4e42:200... 54113 (FASTLY)
18 54.73.52.131 16509 (AMAZON-02)
6 151.101.65.111 54113 (FASTLY)
18 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 52.85.107.191 16509 (AMAZON-02)
2 4 3.161.213.50 16509 (AMAZON-02)
1 199.232.36.157 54113 (FASTLY)
8 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.40.162 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.35.93.125 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 104.244.42.5 13414 (TWITTER)
2 104.244.42.67 13414 (TWITTER)
1 54.192.51.26 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 5 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
11 14 68.67.160.26 29990 (ASN-APPNEX)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 54.83.89.247 14618 (AMAZON-AES)
7 34.107.254.252 396982 (GOOGLE-CL...)
2 3.161.212.32 16509 (AMAZON-02)
1 35.211.68.203 15169 (GOOGLE)
2 107.23.224.83 14618 (AMAZON-AES)
3 11 104.18.36.155 13335 (CLOUDFLAR...)
2 54.86.180.217 14618 (AMAZON-AES)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 2607:f350:3:2... 27630 (AS-XFERNET)
2 2620:100:a001... 19750 (AS-CRITEO)
7 172.64.144.78 13335 (CLOUDFLAR...)
1 20.40.202.2 8075 (MICROSOFT...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 21 52.46.151.131 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 17 51.222.39.185 16276 (OVH)
4 23.51.57.13 16625 (AKAMAI-AS)
1 20 2607:f350:3:2... 27630 (AS-XFERNET)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
3 3 23.105.12.158 30633 (LEASEWEB-...)
1 1 63.251.86.50 10913 (INTERNAP-BLK)
3 9 63.251.86.49 10913 (INTERNAP-BLK)
22 34.203.113.223 14618 (AMAZON-AES)
3 12 52.223.22.214 16509 (AMAZON-02)
2 2 3.222.179.146 14618 (AMAZON-AES)
1 2 74.119.119.150 19750 (AS-CRITEO)
18 23 142.250.81.226 15169 (GOOGLE)
1 1 192.132.33.68 18568 (BIDTELLECT)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 185.167.164.49 198622 (ADFORM)
2 6 2600:1f18:4e9... 14618 (AMAZON-AES)
10 10 35.211.178.172 15169 (GOOGLE)
2 2 2606:4700:1::... 13335 (CLOUDFLAR...)
12 12 35.71.131.137 16509 (AMAZON-02)
2 2 199.38.167.130 54312 (ROCKETFUEL)
2 2 52.6.81.107 14618 (AMAZON-AES)
6 6 198.148.27.131 19189 (PULSEPOINT)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
3 3 82.145.213.8 39832 (NO-OPERA)
1 3 3.216.208.235 14618 (AMAZON-AES)
3 4 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.214.163.22 15169 (GOOGLE)
1 2 34.224.134.119 14618 (AMAZON-AES)
1 1 34.206.181.88 14618 (AMAZON-AES)
10 10 162.248.18.32 62713 (AS-PUBMATIC)
5 8 8.28.7.83 62713 (AS-PUBMATIC)
1 23.52.160.28 16625 (AKAMAI-AS)
1 1 67.202.105.21 32748 (STEADFAST)
4 4 69.194.240.13 26120 (RHYTHMONE)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 3 63.251.28.134 26558 (FREEWHEEL)
1 1 23.32.172.185 16625 (AKAMAI-AS)
2 23.47.170.102 16625 (AKAMAI-AS)
1 1 216.200.232.249 30419 (MEDIAMATH...)
1 1 213.19.162.90 3356 (LEVEL3)
12 19 8.43.72.98 26667 (RUBICONPR...)
1 1 80.77.87.163 46636 (NATCOWEB)
2 2 2606:ae80:145... 25751 (VALUECLICK)
3 3 34.200.65.202 14618 (AMAZON-AES)
1 1 198.24.162.123 19437 (SS-ASH)
1 3 104.36.115.113 62713 (AS-PUBMATIC)
10 2607:f8b0:400... 15169 (GOOGLE)
3 3 35.194.66.159 396982 (GOOGLE-CL...)
2 2 207.198.113.204 13768 (COGECO-PEER1)
2 2 52.204.171.89 14618 (AMAZON-AES)
5 7 34.111.113.62 396982 (GOOGLE-CL...)
1 1 8.2.110.134 46636 (NATCOWEB)
9 9 54.152.0.153 14618 (AMAZON-AES)
1 1 23.21.51.122 14618 (AMAZON-AES)
1 40.76.134.238 8075 (MICROSOFT...)
1 5 162.248.18.37 62713 (AS-PUBMATIC)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 1 69.173.151.100 26667 (RUBICONPR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 52.95.125.22 16509 (AMAZON-02)
1 147.28.129.37 54825 (PACKET)
2 2 52.71.68.246 14618 (AMAZON-AES)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 54.192.51.45 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
3 162.248.18.34 62713 (AS-PUBMATIC)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 2 3.161.213.49 16509 (AMAZON-02)
1 2620:112:f002... 6336 (TURN-US-ASN)
10 11 162.19.138.120 16276 (OVH)
3 3 3.212.106.63 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
2 2 52.3.200.189 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 173.231.178.115 32475 (SINGLEHOP...)
1 1 23.105.12.150 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 34.224.207.11 14618 (AMAZON-AES)
1 3.229.81.23 14618 (AMAZON-AES)
1 52.22.192.2 14618 (AMAZON-AES)
392 87
36    2a04:4e42::367 (United States)

ASN54113 (FASTLY, US)
www.theguardian.com
assets.guim.co.uk
i.guim.co.uk
sourcepoint.theguardian.com
23    2a04:4e42:200::367 (United States)

ASN54113 (FASTLY, US)
assets.guim.co.uk
contributions.guardianapis.com
sourcepoint.theguardian.com
18    54.73.52.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
ophan.theguardian.com
6    151.101.65.111 (United States)

ASN54113 (FASTLY, US)
api.nextgen.guardianapps.co.uk
18    2607:f8b0:4006:81c::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    52.85.107.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-107-191.yul62.r.cloudfront.net
c.amazon-adsystem.com
4    3.161.213.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-50.yul62.r.cloudfront.net
sb.scorecardresearch.com
1    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
8    2607:f8b0:4006:809::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
www.googleadservices.com
2    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    13.35.93.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-125.jfk50.r.cloudfront.net
cdn.adsafeprotected.com
2    2606:4700:20::681a:d12 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
4    2607:f8b0:4006:81c::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    54.192.51.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-26.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2607:f8b0:4006:81d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2607:f8b0:4006:80f::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81f::2006 (Colchester, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
14    68.67.160.26 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    2607:f8b0:4006:822::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2607:f8b0:4006:80f::2016 (Colchester, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
6    54.83.89.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-89-247.compute-1.amazonaws.com
pixel.adsafeprotected.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
2    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
1    35.211.68.203 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 203.68.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    107.23.224.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-224-83.compute-1.amazonaws.com
krk2.kargo.com
11    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
2    54.86.180.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-180-217.compute-1.amazonaws.com
tlx.3lift.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
7    172.64.144.78 (United States)

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
4    2607:f8b0:4006:80c::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
21    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2607:f8b0:4006:80e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
www.googletagservices.com
2    2607:f8b0:4006:81c::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
17    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
4    23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
20    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
3    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
1    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
9    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
22    34.203.113.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-113-223.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
cs.minutemedia-prebid.com
12    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    3.222.179.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-179-146.compute-1.amazonaws.com
i.liadm.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
23    142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
cm.g.doubleclick.net
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com
bttrack.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
3    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    2600:1f18:4e9:5a02:bfa:a46e:1266:8631 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
10    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    2606:4700:1::6813:834c (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    52.6.81.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-81-107.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    3.216.208.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-208-235.compute-1.amazonaws.com
dpm.demdex.net
4    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.214.163.22 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 22.163.214.35.bc.googleusercontent.com
csync.loopme.me
2    34.224.134.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-134-119.compute-1.amazonaws.com
match.sharethrough.com
1    34.206.181.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-181-88.compute-1.amazonaws.com
ads.yieldmo.com
10    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    23.52.160.28 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-28.deploy.static.akamaitechnologies.com
contextual.media.net
1    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    63.251.28.134 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.47.170.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-170-102.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
19    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    2606:ae80:1451:24::730 (United States)

ASN25751 (VALUECLICK, US)
prebid-match.dotomi.com
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    198.24.162.123 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    2607:f8b0:4006:80b::2006 (Colchester, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.204.171.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-171-89.compute-1.amazonaws.com
sync.crwdcntrl.net
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
9    54.152.0.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-0-153.compute-1.amazonaws.com
match.prod.bidr.io
1    23.21.51.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-51-122.compute-1.amazonaws.com
aorta.clickagy.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
5    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
8    2607:f8b0:4006:816::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    2607:f8b0:4006:80b::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    52.71.68.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-68-246.compute-1.amazonaws.com
sync.ipredictive.com
1    2600:9000:2510:1a00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:215f:e400:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    54.192.51.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-45.yul62.r.cloudfront.net
sync1.intentiq.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    3.161.213.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-49.yul62.r.cloudfront.net
api.intentiq.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
11    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
3    3.212.106.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-106-63.compute-1.amazonaws.com
ice.360yield.com
ad2.360yield.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
2    52.3.200.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-200-189.compute-1.amazonaws.com
ads.creative-serving.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    173.231.178.115 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
1    23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    34.224.207.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-207-11.compute-1.amazonaws.com
thrtle.com
1    3.229.81.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-81-23.compute-1.amazonaws.com
crb.kargo.com
1    52.22.192.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-192-2.compute-1.amazonaws.com
sync.bfmio.com
Apex Domain
Subdomains		 Transfer
40 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 263
pubads.g.doubleclick.net — Cisco Umbrella Rank: 415
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
201 KB
40 guim.co.uk
assets.guim.co.uk — Cisco Umbrella Rank: 20525
i.guim.co.uk — Cisco Umbrella Rank: 15965
807 KB
35 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image8.pubmatic.com — Cisco Umbrella Rank: 664
image2.pubmatic.com — Cisco Umbrella Rank: 912
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image4.pubmatic.com — Cisco Umbrella Rank: 1237
45 KB
32 theguardian.com
www.theguardian.com — Cisco Umbrella Rank: 6828
ophan.theguardian.com — Cisco Umbrella Rank: 18877
sourcepoint.theguardian.com — Cisco Umbrella Rank: 21246
238 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
91 KB
24 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 579
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
29 KB
22 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2202
sync.go.sonobi.com — Cisco Umbrella Rank: 976
19 KB
21 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1999
cs.yellowblue.io — Cisco Umbrella Rank: 1706
9 KB
18 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
2 MB
17 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
7 KB
14 googlesyndication.com
a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
443 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
7 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
13 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
5 KB
11 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
16 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
7 KB
11 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1225
x.bidswitch.net — Cisco Umbrella Rank: 373
5 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
205 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
12 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
5 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
5 KB
9 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3125
api.permutive.com — Cisco Umbrella Rank: 2271
338 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
dis.eu.criteo.com — Cisco Umbrella Rank: 7526
14 KB
8 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
81 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
95 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
2 KB
7 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4452
11 KB
7 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3571
pixel.adsafeprotected.com — Cisco Umbrella Rank: 851
26 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
5 KB
6 guardianapps.co.uk
api.nextgen.guardianapps.co.uk — Cisco Umbrella Rank: 20100
11 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
40 KB
5 guardianapis.com
contributions.guardianapis.com — Cisco Umbrella Rank: 21680
37 KB
4 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
api.intentiq.com — Cisco Umbrella Rank: 1555
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
913 B
4 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
1 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
4 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1892
ad2.360yield.com — Cisco Umbrella Rank: 10852
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
2 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
2 KB
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2728
crb.kargo.com — Cisco Umbrella Rank: 1149
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2888
collector.brandmetrics.com — Cisco Umbrella Rank: 3185
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1397
686 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
1011 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
1 KB
2 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 1917
674 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com — Cisco Umbrella Rank: 1381
434 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
513 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
1 KB
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1347
895 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
1 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
108 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
610 B
2 t.co
t.co — Cisco Umbrella Rank: 656
602 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463
136 KB
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1716
425 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
4 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
7 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
554 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
450 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
27 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
65 KB
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1875
647 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 2030
319 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
562 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3405
610 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
597 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
669 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
462 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 901
503 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 709
641 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
515 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
249 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 790
633 B
1 ad.gt
ids.ad.gt — Cisco Umbrella Rank: 1592
189 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 866
353 B
1 prmutv.co
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co — Cisco Umbrella Rank: 41000
389 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
0 mdhv.io Failed
jelly.mdhv.io Failed
392 94
Domain Requested by
26 assets.guim.co.uk www.theguardian.com
assets.guim.co.uk
a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
23 cm.g.doubleclick.net 18 redirects u.openx.net
onetag-sys.com
eb2.3lift.com
21 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
u.openx.net
onetag-sys.com
ce.lijit.com
ads.pubmatic.com
20 sync.go.sonobi.com 1 redirects s.amazon-adsystem.com
sync.go.sonobi.com
18 www.youtube.com assets.guim.co.uk
www.youtube.com
www.theguardian.com
18 ophan.theguardian.com www.theguardian.com
17 onetag-sys.com 2 redirects s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
onetag-sys.com
15 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
onetag-sys.com
14 pixel.rubiconproject.com 8 redirects onetag-sys.com
14 i.guim.co.uk www.theguardian.com
13 ib.adnxs.com 10 redirects assets.guim.co.uk
eb2.3lift.com
13 sourcepoint.theguardian.com assets.guim.co.uk
sourcepoint.theguardian.com
12 match.adsrvr.org 12 redirects
12 eb2.3lift.com 3 redirects s.amazon-adsystem.com
assets.guim.co.uk
eb2.3lift.com
11 id5-sync.com 10 redirects
10 s0.2mdn.net www.theguardian.com
s0.2mdn.net
10 image8.pubmatic.com 10 redirects
10 x.bidswitch.net 10 redirects
9 match.prod.bidr.io 9 redirects
9 ce.lijit.com 3 redirects s.amazon-adsystem.com
ce.lijit.com
8 tpc.googlesyndication.com a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 image2.pubmatic.com 5 redirects ads.pubmatic.com
8 jnn-pa.googleapis.com www.youtube.com
8 securepubads.g.doubleclick.net assets.guim.co.uk
securepubads.g.doubleclick.net
www.theguardian.com
a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
www.googletagservices.com
7 pixel.tapad.com 5 redirects s.amazon-adsystem.com
7 elb.the-ozone-project.com assets.guim.co.uk
elb.the-ozone-project.com
ads.stickyadstv.com
7 api.permutive.com assets.guim.co.uk
6 cs.yellowblue.io cs-server-s2s.yellowblue.io
onetag-sys.com
6 bh.contextweb.com 6 redirects
6 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
u.openx.net
s.amazon-adsystem.com
6 pixel.adsafeprotected.com assets.guim.co.uk
6 api.nextgen.guardianapps.co.uk assets.guim.co.uk
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 simage2.pubmatic.com 1 redirects ads.pubmatic.com
5 us-u.openx.net 2 redirects u.openx.net
5 www.google.com www.theguardian.com
www.youtube.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
www.youtube.com
5 contributions.guardianapis.com assets.guim.co.uk
www.theguardian.com
4 pagead2.googlesyndication.com assets.guim.co.uk
tpc.googlesyndication.com
4 px.ads.linkedin.com 1 redirects sync.go.sonobi.com
eb2.3lift.com
4 idsync.rlcdn.com 3 redirects
4 ads.pubmatic.com s.amazon-adsystem.com
assets.guim.co.uk
elb.the-ozone-project.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 www.gstatic.com www.youtube.com
www.gstatic.com
4 fonts.gstatic.com www.youtube.com
4 sb.scorecardresearch.com 2 redirects www.theguardian.com
3 um.simpli.fi 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 ads.stickyadstv.com 2 redirects elb.the-ozone-project.com
3 sync.1rx.io 3 redirects
3 dpm.demdex.net 1 redirects sync.go.sonobi.com
3 t.adx.opera.com 3 redirects
3 creativecdn.com 3 redirects
3 c1.adform.net 3 redirects
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 c.amazon-adsystem.com assets.guim.co.uk
3 www.google-analytics.com www.theguardian.com
assets.guim.co.uk
2 ad2.360yield.com 2 redirects
2 thrtle.com 1 redirects
2 cm.adgrx.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 api.intentiq.com 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 eus.rubiconproject.com cs-server-s2s.yellowblue.io
eus.rubiconproject.com
2 match.sharethrough.com 1 redirects
2 sync.srv.stackadapt.com 2 redirects
2 p.rfihub.com 2 redirects
2 cm.mgid.com 2 redirects
2 dis.criteo.com 1 redirects ssum-sec.casalemedia.com
2 i.liadm.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 bidder.criteo.com assets.guim.co.uk
2 apex.go.sonobi.com assets.guim.co.uk
2 hbopenbid.pubmatic.com assets.guim.co.uk
2 tlx.3lift.com assets.guim.co.uk
2 htlb.casalemedia.com assets.guim.co.uk
2 krk2.kargo.com assets.guim.co.uk
2 aax.amazon-adsystem.com assets.guim.co.uk
2 i.ytimg.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 analytics.twitter.com www.theguardian.com
2 t.co www.theguardian.com
2 cdn.brandmetrics.com assets.guim.co.uk
cdn.brandmetrics.com
2 cdn.permutive.com assets.guim.co.uk
2 cdn.confiant-integrations.net assets.guim.co.uk
cdn.confiant-integrations.net
1 ssum.casalemedia.com 1 redirects
1 image4.pubmatic.com
1 sync.bfmio.com
1 crb.kargo.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 dis.eu.criteo.com 1 redirects
1 ice.360yield.com 1 redirects
1 d.turn.com
1 secure.adnxs.com 1 redirects
1 js-sec.indexww.com assets.guim.co.uk
1 mug.criteo.com
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net
1 aax-eu.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 static.criteo.net assets.guim.co.uk
1 cdnjs.cloudflare.com s0.2mdn.net
1 www.googletagservices.com a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 aorta.clickagy.com 1 redirects
1 cs.minutemedia-prebid.com ce.lijit.com
1 cs.krushmedia.com 1 redirects
1 server.cpmstar.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 sync.mathtag.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 contextual.media.net cs-server-s2s.yellowblue.io
1 ads.yieldmo.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 csync.loopme.me 1 redirects
1 pippio.com 1 redirects
1 ids.ad.gt 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 ap.lijit.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 pubads.g.doubleclick.net www.theguardian.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 grid.bidswitch.net assets.guim.co.uk
1 d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co assets.guim.co.uk
1 stats.g.doubleclick.net assets.guim.co.uk
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.adsafeprotected.com assets.guim.co.uk
1 www.googleadservices.com assets.guim.co.uk
1 static.ads-twitter.com assets.guim.co.uk
1 www.theguardian.com
0 jelly.mdhv.io Failed ads.stickyadstv.com
392 148
Subject Issuer Validity Valid
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-14 -
2024-12-15		 a year crt.sh
ophan.theguardian.com
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-04 -
2025-01-02		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
the-ozone-project.com
E1		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh

This page contains 39 frames:

Primary Page: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Frame ID: FB9B4D1D8944B11383868687B51D4463
Requests: 164 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Frame ID: BBC79E7CB91B0EF6AAEFF821CE482FBF
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Frame ID: B51D4366825E125611ABD6FF95784514
Requests: 19 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
Frame ID: 55DAF7C42EB47DD314CF71CAF58669F8
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Frame ID: A25BDCC966DC6E0E6F6DF1609DF56714
Requests: 1 HTTP requests in this frame

Frame: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A3220C93D01A4F6784C38E04723670E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 64B7BCA7B1CAC5A5256531DF377ECDB3
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 0CDE3464608EA92E24D462F9BB5B997C
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 9C11AEBB2B326C39BFE8FA7E9088331F
Requests: 12 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: F6500D333E3794B7240D5B6164174459
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 9E70F6AA6B8DE348ABB8C9FF04680309
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4695284997587168214&gdpr=0&gdpr_consent=
Frame ID: E81E89FE971387A1F03A6AC4BE0D9366
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8114484655641338530&ex=appnexus.com
Frame ID: 665D950DB2F03D7E4DA86484F85822F0
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: FB0EA6E04206BD6EEE22A6202EEB197E
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 9695E744B326F32B93E3F1470F605944
Requests: 16 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2767268955237725445066
Frame ID: 78E6D2137FCC7E4BB847741DA6A69A3D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 31E77FAB98528B0049EAEB573E7DE11F
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 5FBC4F4A800BB670180B1BAE318AAB69
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/iframe_buster_200_260.js
Frame ID: E286222DA35504AEC9E1AA14A84E7BE4
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=FEA477D7-E748-4899-82A8-124C1887F622&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1D790A1D5CC6DF89E179BA052A6AE6D2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Frame ID: F9DEC4816F16BB70597F94D805063CC5
Requests: 1 HTTP requests in this frame

Frame: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19EBA09692797B083C66F8CF2488D1EC
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
Frame ID: 295F3C49788F3C7AD3B57AB95747D0E0
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: CBA22169D7161C609E11C8E1F9807F07
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Frame ID: 14F7B31759A8E22E82B007189EBE0CCB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 345C2B63DC8379C061A7D6189EC87BCF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F704674CD6D45600A2F372822B7F7966
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Frame ID: 7E6B4EAA4E511BF963656DD32B246038
Requests: 13 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Frame ID: 319B041DC44169C8FB6452CE2C341330
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 58320329615A6A9A1998C73F70473B8B
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5B09FBA19C6B46A534327F39B46ED456
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: D7D59E398E78FF6F1765CD97531739A1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&redir=true&gdpr=0&gdpr_consent=
Frame ID: F4CC0C8FE0C593C6B8976919D1A51AE3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f2d4fe50-b304-11ee-b07a-530754f5bf46
Frame ID: 743468E46D086F87341548A40B6355E7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMHU7LSDwAABkQtba67w&gdpr=0&gdpr_consent=
Frame ID: A2BEA9E1C9CF6FB0810C968DDC754ED6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8114484655641338530&gdpr=0&gdpr_consent=
Frame ID: AD58CAE5A2A91741002656DF535769D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Frame ID: 7A22D168AD2FC30C99D563192F9BB3E9
Requests: 1 HTTP requests in this frame

Frame: https://jelly.mdhv.io/v4/pixie
Frame ID: 9F88F2726224260E5B78A66F0AD059E7
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5ecef7acd4848427cfbe727e50671f
Frame ID: 34EFE383B4E53538A5C8D5F0D68F71BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Russian stars' semi-naked party sparks wartime backlash – video report | World news | The Guardian

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

392
Requests

71 %
HTTPS

29 %
IPv6

94
Domains

148
Subdomains

87
IPs

10
Countries

5286 kB
Transfer

16750 kB
Size

250
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 104
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705254428363&ns_c=UTF-8&cs_ucfr=1&comscorekw=Russia%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&c8=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report%20%7C%20World%20news%20%7C%20The%20Guardian&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705254428363&ns_c=UTF-8&cs_ucfr=1&comscorekw=Russia%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&c8=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report%20%7C%20World%20news%20%7C%20The%20Guardian&c9=
Request Chain 110
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 115
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 162
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 184
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 185
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4695284997587168214&gdpr=0&gdpr_consent=
Request Chain 186
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8114484655641338530&ex=appnexus.com
Request Chain 187
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 189
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2767268955237725445066
Request Chain 191
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaQeHRs-KDzESOWdA5s7IQAA%26503&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaQeHRs-KDzESOWdA5s7IQAA%26503&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=34ae49e455024fba8e35decc144ebe14 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaQeHRs-KDzESOWdA5s7IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVLXdAJHAHaLY_lp0GkUsY&google_cver=1
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaQeHRs_KDzESOWdA5s7IQAAAfcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMjtLDCd3Pv8a0ePg4qOIk4&google_cver=1
Request Chain 195
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=54ea0b9a-3c9b-46a3-8db8-5e57a3af5400
Request Chain 196
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaijeih67e7glkhhl67i87jdaefee7fkbbabackkc2jl
Request Chain 197
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7020910070686028027&expiration=1706464016
Request Chain 200
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.mgid.com/m?cdsp=146480&gdpr=0&gdpr_consent=&us_privacy=&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dsonobi%26user_id%3D%7Bmuidn%7D%26bsw_param%3D7fa1b14f-0035-4358-a1a5-33197ff54bf5%26expires%3D10%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dsonobi%26user_id%3D%7Bmuidn%7D%26bsw_param%3D7fa1b14f-0035-4358-a1a5-33197ff54bf5%26expires%3D10%26gdpr%3D0%26gdpr_consent%3D&cdsp=146480&gdpr=0&gdpr_consent=&us_privacy=&sct=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=303&ssp=sonobi&user_id=o0eaNFYEJvL9&bsw_param=7fa1b14f-0035-4358-a1a5-33197ff54bf5&expires=10&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 201
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=91e92b73fd
Request Chain 202
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
Request Chain 203
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
Request Chain 204
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=UGV6X0tVbzBzcWg4dUdnbHVLaDFDUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEbF_HmmZ3Fq8XTrjfRNfBc&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
Request Chain 205
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi&tc=1
Request Chain 206
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nuid=OPUd7041b611cb241b19e3baf40a5a39c9d&nw=oa
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDNiZjZlYzEtOGIxZi00MzlhLWJhMjEtM2E5NTZkODRjNDJk HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOFZLKIkm7i41jLu0bvgYhQ&google_cver=1
Request Chain 208
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Request Chain 209
  • https://idsync.rlcdn.com/711892.gif?partner_uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDAzYmY2ZWMxLThiMWYtNDM5YS1iYTIxLTNhOTU2ZDg0YzQyZBAAGg0InryQrQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&rand=02158437 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&rand=02158437&expected_cookie=12163915-8b85-498c-80c5-41722806cf64
Request Chain 210
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
Request Chain 213
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=bebc0f58-6d69-4482-b486-e1f8bc632c5a&gdpr_consent=null&gdpr=0
Request Chain 214
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=4695284997587168214&gdpr=0&gdpr_consent=
Request Chain 215
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=71711ccd-bde9-082d-2ff4-17060cddc1a3
Request Chain 216
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8114484655641338530&gdpr=0&gdpr_consent=
Request Chain 217
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=7f17f30d-3f49-483a-87e9-c12bf3b9abf2&gdpr=0
Request Chain 218
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Request Chain 219
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEirThhNNrhLv7tyL1D_&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 220
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTAxRTZBRUEtM0E4NC00NDJFLUJDRUUtRDkwQ0M0M0NGNkQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Request Chain 221
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=2RvHLBNZCVNg&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 223
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212420986209561
Request Chain 224
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1705254430188 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5974938109 HTTP 302
  • https://sync.1rx.io/usersync/turn/8102553495565842921?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005
Request Chain 225
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=5ecef7acd4848427cfbe727e50671f&gdpr_consent=&gdpr=0
Request Chain 226
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5
Request Chain 228
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 233
  • https://match.adsrvr.org/track/cmf/openx?oxid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0&gdpr_consent=
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM1mwICuIHqGOBXD9ZY8nww&google_cver=1
Request Chain 236
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=a5e265a4-1e1e-4f00-9280-198e628bf0f4&gdpr=0&gdpr_consent=
Request Chain 237
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LRDSGJP9-N-ARFS&gdpr=0
Request Chain 238
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8114484655641338530
Request Chain 239
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=ceeb8c3d9f62ccf894c9444daf9b934&gdpr_consent=&gdpr=0
Request Chain 241
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3436f1ae-af3b-4fe8-87f8-c980a9ec95c1
Request Chain 242
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU0a0579c9338846899ced80fe1f7157bd
Request Chain 243
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjQkVpd1O8yPzCa3VH3UiZIk-sj0NW48_7g
Request Chain 244
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=4695284997587168214
Request Chain 245
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
Request Chain 246
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTA3OTJEQ0EtNEI5NC00NUY1LUE4MjUtNjJFQkVFODJEQUE3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEdkeChNdaG94vB8uSUk3Aw&google_cver=1
Request Chain 248
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=TNVDsgtNMw66&ev=1&us_privacy=&pid=562985
Request Chain 249
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=18da5639c48210b5&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAF74WccfRpQwNaRgN4AAAAAAA&expiration=1705340830
Request Chain 250
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-qz3KzeNE2uGPhMTM6Tx8IdqQZzqOvIHT.OFMpgI-~A
Request Chain 251
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
Request Chain 252
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Donetag%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=onetag&user_id=ha9A-quZIInC8oIw01xE0 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
Request Chain 258
  • https://um.simpli.fi/lj_match?r=1705254430179&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=D2D50F43DC4546B49B24C3B39721A84F
Request Chain 259
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dc42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dc42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dc42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=
Request Chain 260
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4dca9d3d-e51e-51da-b17d-3e200c96feae
Request Chain 261
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?3pid=AAFMHU7LSDwAABkQtba67w&pid=85&gdpr=0
Request Chain 262
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H_brhPZH6DnPiOsMRS6WPVr3&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=ZaQeHv013-SSJnjDWpzDE7dC
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_qR31-dISJmCqBJMGIf2Ig%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 266
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FEA477D7-E748-4899-82A8-124C1887F622 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=FEA477D7-E748-4899-82A8-124C1887F622 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVBNDc3RDctRTc0OC00ODk5LTgyQTgtMTI0QzE4ODdGNjIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3z9aTxZn-nEtyQUt8aFQE&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Request Chain 271
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A96578CE3156412C894FDA61369418DC HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Request Chain 272
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Request Chain 305
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LRDSGJFB-1J-5J51 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LRDSGJFB-1J-5J51
Request Chain 314
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NSX52QmjiRQqz7Yfk6LQicn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zc0VAcFE2oJA9yp7llFmPO3f_.TKTMY1V8.HHQ--~A
Request Chain 315
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJEU0dKRkItMUotNUo1MQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELU6WJXZW6KQcJ-igRjWQ0Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJEU0dKRkItMUotNUo1MQ==&google_push=
Request Chain 316
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRDSGJFB-1J-5J51
Request Chain 317
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=&expires=30
Request Chain 318
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ku9olBYRTqq2CDkGvK2xVQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ku9olBYRTqq2CDkGvK2xVQ
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbYVvkmtxDL3m3guHx5Fs0&google_cver=1
Request Chain 320
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRDSGJFB-1J-5J51&ex=d-rubiconproject.com&status=ok
Request Chain 321
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk1NWZmZjNhYTZhYWM4ZTE0YjQwM2M5MmQwZDhiYzgyMTZhNjYzMw
Request Chain 322
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMHU7LSDwAABkQtba67w&expires=30
Request Chain 323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRDSGJFB-1J-5J51
Request Chain 324
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRDSGJFB-1J-5J51
Request Chain 325
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRDSGJFB-1J-5J51
Request Chain 326
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=526c168f-3361-4ec8-a1b9-dce7246afa61&expires=30
Request Chain 327
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRDSGJFB-1J-5J51
Request Chain 328
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRDSGJFB-1J-5J51 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRDSGJFB-1J-5J51 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRDSGJFB-1J-5J51&ckls=true&ci=2WArcIqglP&nc=false&trid=-1522055582
Request Chain 330
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LLUjs3xQa1dOUlFvT2dGTWw4RmJkcXlPNUN4bkdDYW1XT21wdHBYSmk4eXM4eHE1QksrNVVNVFBRTGxHaFNyNDFmaXViZVFtTXY0Z0p0eUhHUGxMditkM2N4c1VNSGVNOHNUYjhtbFgxaXFYZUNLcVRUcG44T1RwUVlzczdJK0xlUmZ6QXB3Y2themJxRklQNG1zc01HNlBDanNwRC8ydlhLd1FIRUlaVm00eWhhY1RnYXBPUWFKWHhEUmo2WXkxd2NhTUxhNStsTEtHSXY5TGZUVkpPeGYvT0NXRkpDTnhYTFVUODRsUisvSHRyWGFBazZlRGoxak9sNm5wd0Y0RWlrczJBQkEzYXh3RGFXK3pNMVdYa0RTY1E1amVHT0VNanFMek93bjQzZ1k0WVhzRT18&cppv=2
Request Chain 348
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi
Request Chain 349
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-236313501&pcid=$UID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-236313501&pcid=8114484655641338530
Request Chain 352
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=03bf6ec1-8b1f-439a-ba21-3a956d84c42d HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8114484655641338530&pt=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
Request Chain 353
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=d089631d2d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=d089631d2d
Request Chain 356
  • https://idsync.rlcdn.com/711892.gif?partner_uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ccb77f3d-a741-0308-3bca-cb6714ef7438
Request Chain 357
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nuid=OPU0a0579c9338846899ced80fe1f7157bd&nw=oa
Request Chain 358
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7020910070686028027&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDNiZjZlYzEtOGIxZi00MzlhLWJhMjEtM2E5NTZkODRjNDJk HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEL3fSV-ir42jBpodRnk1C8A&google_cver=1
Request Chain 362
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
Request Chain 363
  • https://id5-sync.com/s/434/9.gif?puid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F8%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/8/2.gif?puid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-7c2fdvQJO-C6sQt6xBQEqQz2PXOhf4zzmefg2dYZ-A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/7/3.gif?puid=1ae751c3-97ba-42a2-bacf-a4f214c82bfa&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/6/4.gif?puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAFMHU7LSDwAABkQtba67w&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F4%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/4/6.gif?puid=86e1f13e-635d-474f-9ff2-de0c76f493c2&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/3/7.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/3/7.gif?puid=8114484655641338530&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1245%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1245/1/9.gif?puid=H_brhPZH6DnPiOsMRS6WPVr3&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=8114484655641338530&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1246/0/10.gif?puid=H_brhPZH6DnPiOsMRS6WPVr3&gdpr=0&gdpr_consent=
Request Chain 364
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
Request Chain 365
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 366
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc2NzI2ODk1NTIzNzcyNTQ0NTA2Ng%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYtqvgRrmkszfD1EOG5bA0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 368
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc2NzI2ODk1NTIzNzcyNTQ0NTA2Ng%3D%3D
Request Chain 370
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2767268955237725445066?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-FyULFTpE2oTF3nRXJDrwg3mmAVigKZFc9jCZozj34g--~A&dongle=0883
Request Chain 371
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2767268955237725445066&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=5b22f7fc-0d41-4fe3-9bfb-7c0697e28b88&ssp=triplelift&expires=30&user_group=5&bsw_param=7fa1b14f-0035-4358-a1a5-33197ff54bf5 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 372
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=86e1f13e-635d-474f-9ff2-de0c76f493c2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}
Request Chain 373
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8114484655641338530&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 380
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f2d4fe50-b304-11ee-b07a-530754f5bf46
Request Chain 381
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGTUhVN0xTRHdBQUJrUXRiYTY3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFMHU7LSDwAABkQtba67w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFMHU7LSDwAABkQtba67w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFMHU7LSDwAABkQtba67w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4695284997587168214&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAFMHU7LSDwAABkQtba67w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D4695284997587168214%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=4695284997587168214&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMHU7LSDwAABkQtba67w&gdpr=0&gdpr_consent=
Request Chain 382
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8114484655641338530&gdpr=0&gdpr_consent=
Request Chain 383
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e378c25f-9f0c-4dd9-8679-b8561cec8153
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3z9aTxZn-nEtyQUt8aFQE&google_cver=1
Request Chain 388
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A96578CE3156412C894FDA61369418DC
Request Chain 389
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
Request Chain 391
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vJeFZDNE2uUKPUq4BYClk34YP.kQC9Q-~A&gdpr=0
Request Chain 392
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=526c168f-3361-4ec8-a1b9-dce7246afa61&gdpr=0&gdpr_consent=
Request Chain 393
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZaQeHRs-KDzESOWdA5s7IQAA%26503
Request Chain 394
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ae751c3-97ba-42a2-bacf-a4f214c82bfa
Request Chain 396
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5ecef7acd4848427cfbe727e50671f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume914a_7324575840724119086&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAFMHU7LSDwAABkQtba67w&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWVjZWY3YWNkNDg0ODQyN2NmYmU3MjdlNTA2NzFm&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECMoDkg8ukLV_BqEB8oAtPs&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5ecef7acd4848427cfbe727e50671f?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-uKdpn5tE2oNK0oGWzx5jRR3Z5CCPN6KPjG2qEi.h~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=8114484655641338530&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=XtgZSJgx1Rp4zM5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3605806&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=526c168f-3361-4ec8-a1b9-dce7246afa61 HTTP 302
  • https://jelly.mdhv.io/v4/pixie

392 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
www.theguardian.com/world/video/2023/dec/28/ 		729 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0ec295e0a03ab7ca6240f83211801ff209ad5781ff26970c55f1de83bd0b3ad
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
425
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
content-encoding
gzip
content-length
97156
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 17:47:07 GMT
etag
W/"hash-1771349490466690580"
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-gu-edition
us
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
x-timer
S1705254427.221252,VS0,VE79
x-xss-protection
1; mode=block
content.garnett.css
assets.guim.co.uk/stylesheets/e93ff56c6542a9a3453b15fa3869729f/ 		654 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/stylesheets/e93ff56c6542a9a3453b15fa3869729f/content.garnett.css
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8b822804a95224a3a4d16f0d806e0b9cf966a6e964994d4a3bc38e553743e8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
XwzfHI5P02UUuMKIS5_Ekcea_Qqd1Onz
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
G0JDVQ2NPXXT376A
age
892766
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/stylesheets/e93ff56c6542a9a3453b15fa3869729f/content.garnett.css
fastly-restarts
1
x-amz-id-2
3493xzRU6cVFHbYPkBp5C7agONLIegwT2WyzoBPPFW0MTVx5UoHBtW53Tf05W+uk8vDFtB6aai8=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
83844
last-modified
Wed, 22 Nov 2023 11:26:15 GMT
server
AmazonS3
x-timer
S1705254427.382635,VS0,VE1
etag
"e93ff56c6542a9a3453b15fa3869729f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
print.css
assets.guim.co.uk/stylesheets/811ae34d75bcb745597f0113a5436588/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/stylesheets/811ae34d75bcb745597f0113a5436588/print.css
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26d93964c121853f1bf5637504f40f3ae514fbe74546b361507c5c7f042ced8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
.PoPGqmidX_X_mTOvQVP9xt2x7bC3wU5
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
WQ573D28W59M50PW
age
3394936
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/stylesheets/811ae34d75bcb745597f0113a5436588/print.css
fastly-restarts
1
x-amz-id-2
kW73twWLycwsLE8vtCxqXJui0D4fYAkcyAkcXl9c/WJA/x9O8aFf7sNc+jBChIDXebrxORHithw=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
3066
last-modified
Mon, 16 Jan 2023 09:52:13 GMT
server
AmazonS3
x-timer
S1705254427.382744,VS0,VE1
etag
"811ae34d75bcb745597f0113a5436588"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		168 B
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6,es7,es2017,es2018,es2019,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry,URLSearchParams,fetch,NodeList.prototype.forEach,navigator.sendBeacon,performance.now,Promise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&clearCache=5
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d98a90c5ca673bc086842e5cd3189cd2bbd9915b82b2f64fbd5211e9b0d6d79b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
age
2259277
detected-user-agent
Chrome Mobile WebView/120.0.6099
x-cache
MISS
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6,es7,es2017,es2018,es2019,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry,URLSearchParams,fetch,NodeList.prototype.forEach,navigator.sendBeacon,performance.now,Promise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&clearCache=5
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
156
x-served-by
cache-nyc-kteb1890031-NYC
referrer-policy
origin-when-cross-origin
x-timer
S1705254427.413573,VS0,VE74
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
graun.standard.js
assets.guim.co.uk/javascripts/f05c0302673e56da3561/ 		214 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e9a2663c0d712b0e1cf03344736818d3343f0aef4d18159097458affbaba755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
V74jqJhQOCSrA8shnCvMo.mSkrBFr_5A
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
09NT8J3TC1AF7JC9
age
282600
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/f05c0302673e56da3561/graun.standard.js
fastly-restarts
1
x-amz-id-2
qxrCw+D6R1sFGLvKdnYIe+GEUpHa/zYOnPFAHOj6pbJRM/uA3mtpjADh9CBzimoSbCF8qKaI4/s=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
68075
last-modified
Thu, 11 Jan 2024 11:10:22 GMT
server
AmazonS3
x-timer
S1705254427.413726,VS0,VE0
etag
"4a1f4526f735c104ba6abd6a356b9457"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
250
GuardianTextEgyptian-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
NppmnaNT0.flIJWpyurLSQmcrEPnbJ4q
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
DQMYTJS0HHMQETE6
age
2701436
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2
fastly-restarts
1
x-amz-id-2
UqjmidBKGPMBzBSjIIK0BhshHWHxTSVrsZv6KDOu8SamlR7rKUuHR8eukG7taJYXRlJ+EYS/+cs=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
16792
last-modified
Fri, 10 Feb 2023 15:45:04 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476541,VS0,VE0
etag
"66184690aa8f829b88f8d7b855ec63fd"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3017
1920.jpg
i.guim.co.uk/img/media/ff39f2aa56c37b3ea0436861d63b62260baa2e6c/0_0_1920_1080/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/ff39f2aa56c37b3ea0436861d63b62260baa2e6c/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=c9e0d1325bb24a6819990580769cc70f
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00e3b013b34ea6255881e4c5758e03cd30bb899226e02acf9da207f464fe59ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img06-europe-west2
age
946733
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=212152 idim=1920x1080 ifmt=jpeg ofsz=30574 odim=700x394 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
30574
x-served-by
cache-lcy-eglc8600040-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254427.472880,VS0,VE1
etag
"UZv5md/77gJw6hSQ5JluM+L6ADPRxwlMs/hd1zNfcA8"
x-amz-meta-bounds-height
1080
x-amz-meta-bounds-width
1920
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
16:9
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
15, 1
GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
Msu4H0RN5fNTmFpmsaDu.cipueaXmWBh
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
1DQAK2PM70TGV3QE
age
974568
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
fastly-restarts
1
x-amz-id-2
7Rlkf9+NVKN4CQTSEajwvc5E9I7MyfSv0xlm1DUVFfsfxttqpIS5mTN69ArLfCjq8GVM9cVLR7M=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
17376
last-modified
Fri, 10 Feb 2023 15:45:11 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476468,VS0,VE0
etag
"227b6e4f26bef19d8f2815f6097b7b7c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3828
GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
tKKp.XjpprpAViNnE3ezgGnqSJ6ReAZm
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
JENRHTH1XR2GDRWH
age
2709363
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
fastly-restarts
1
x-amz-id-2
ZL1/XVNPlTnP2oOU7OSr+tRGwnqqWtRpdbNxyHb3XJjS9OQpI76c4xCPbKGsY/gODgF6EFpNubM=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
15416
last-modified
Fri, 10 Feb 2023 15:45:12 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476749,VS0,VE0
etag
"5c9af23772b65de0d3f1fb8638c196b4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3877
GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
GR28QTPWN427KVQP
age
3484591
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
fastly-restarts
1
x-amz-id-2
YxcvEWfwmlrVWIfDcUN+X7oVpB3u+OU5Aef+jOJBALTGeUnRMzIEzgaFBKqDcalXbFnIqtvPl5w=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
16492
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476933,VS0,VE0
etag
"f5d54732577509c40f5a5a47f47aeab5"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3763
GHGuardianHeadline-Medium.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
HHIQ3WeGDwVAN5VSRXOfuICG.s7kCaes
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
XYFZDYVXNY0XFW0Z
age
3911595
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2
fastly-restarts
1
x-amz-id-2
MwmEyD2ONQmc3FBx0GqDQdSTPqAKb9Iky79HZpA0sas01RW3fir10T/ZwwzP8jhbIN81uxFtjcs=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
16612
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476868,VS0,VE0
etag
"08f5422d28aa5861fac0170cef914db8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3284
GHGuardianHeadline-MediumItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
aOcyf0Rw_c_KHyqgDfMRZ62nHs_3ToNn
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
BZ35XZD9RJG3KKF3
age
905440
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2
fastly-restarts
1
x-amz-id-2
2hr7ItEMl3mJcUf5obU1lB2tLzL77FxpsZ1vzySD+DKxHji47KVfhRykeakS5IkYqhb70kyKFow=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
19052
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476531,VS0,VE0
etag
"f1117595ec5a2cf9f3a9834f42e5fd08"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
2028
GHGuardianHeadline-Light.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
tM62LOrdLaMKn7SwsykFpyDsGOAwuAG3
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
WD3H4ESRMRQZ8VW6
age
890284
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2
fastly-restarts
1
x-amz-id-2
Ula1kJNQfyxF8eiLAXGlw/8TwSyDk2ZUaBBbyELlqQ3GbxPEPpRwHhxLqQ3KcpVgoXAfx8wb+u8=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
15764
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254427.476477,VS0,VE0
etag
"5acde69d26abfad0f3ef938733057577"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
2056
1
ophan.theguardian.com/img/ 		0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/1?v=16&platform=next-gen&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&ref=&visibilityState=visible&isModernBrowser=true&tz=600&contentType=video&viewId=lrdsgh6lgipstxyb1dt8
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&inPrivateBrowsingMode=false
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
wrapperMessagingWithoutDetection.js
sourcepoint.theguardian.com/unified/ 		124 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c67f73167ff409aac284b1f47dd6fcfe29cb6d1b3df2e7246a35e8d130e70b1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
content-encoding
gzip
via
1.1 8df8d5dfeb782c83ceeb5679f78a9e4e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
362
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890031-NYC
last-modified
Tue, 09 Jan 2024 16:35:30 GMT
server
AmazonS3
x-timer
S1705254428.573743,VS0,VE2
etag
W/"4b9b4df94f981b5bb07ce898f67c5833"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7JKx5ZVL0_fZvpVGwWne0aQEdSsH7lAB-SDhh6WW4vP3okvp82Zo4w==
x-cache-hits
0
graun.562.js
assets.guim.co.uk/javascripts/45628bf15b5bb4ad4a58/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/45628bf15b5bb4ad4a58/graun.562.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b224021bc64ccb3bdcf0932c088728ab60cc1a7b7c64eeb3a0688ff3857f204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9SSP3GoSHjITUpFRrcq7ryMM21IwgWpa
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
D55PAN502D1HE2PT
age
900244
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/45628bf15b5bb4ad4a58/graun.562.js
fastly-restarts
1
x-amz-id-2
Gspv9Lpv7THAmcfF76jvNFOps3XUOUEGHN0gTq5hlDVeMsXNaAoXB5CR7JfhkZBaaw/paw5C4SI=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
3319
last-modified
Thu, 24 Aug 2023 12:49:37 GMT
server
AmazonS3
x-timer
S1705254428.573170,VS0,VE1
etag
"a5c85c83667f18ec436bdb5f7f560b21"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
graun.493.js
assets.guim.co.uk/javascripts/271b415d5272e39140b7/ 		189 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/271b415d5272e39140b7/graun.493.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42a703693ed1cb94133924e5be60a8502f574bc8308a6632170d62b6527fd206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
Lk8v5VqCwj8jq4T8VYXGyPl7FzLewcP7
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
HK3EHDTTP4W8EE7E
age
977624
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/271b415d5272e39140b7/graun.493.js
fastly-restarts
1
x-amz-id-2
Zxi7bZq2TDJgoGsVG1bjJPMHq+qmD3KnRYM82Ef6p9/w11caExg5iOyEjud2QPyJl2JCFCKv7yiOmn2rSEHm/Q==
x-served-by
cache-nyc-kteb1890031-NYC
content-length
57892
last-modified
Thu, 14 Dec 2023 11:44:03 GMT
server
AmazonS3
x-timer
S1705254428.573420,VS0,VE1
etag
"ba9eba91a0ddb58966e01a6bbfaa4a79"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
graun.221.js
assets.guim.co.uk/javascripts/165c7d10cc06a0424de2/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/165c7d10cc06a0424de2/graun.221.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40494eeced6cd53f8eb89e58dfcef0a9cc46a203b8f5b7426e1d8427942e7b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
BR7MrRlMsDEkJQRYPJKywoCnhQ_Jqxrt
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
H6EGANKJ0K19DW7T
age
968975
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/165c7d10cc06a0424de2/graun.221.js
fastly-restarts
1
x-amz-id-2
Xxd58figwlNDcmavghp97lz9/+dQijFrrvJtrXgnF0mcz8SAhD8WoHT1Mj5ltlXkkmonS9j+wpo=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
6561
last-modified
Tue, 19 Dec 2023 17:32:18 GMT
server
AmazonS3
x-timer
S1705254428.573970,VS0,VE1
etag
"5885371c1a44d2689354fc4ea646de44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
graun.enhanced.js
assets.guim.co.uk/javascripts/861acb5665f496427074/ 		114 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/861acb5665f496427074/graun.enhanced.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52744fb63afe4c867f1d2c69054cfb1ba8f63fae195e007fcf58ab9f1f3a30ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
aPDFYlBuoXjOTThGDoAuKbTIRQhIjkMi
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
AR06R570N1GNQR74
age
458723
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/861acb5665f496427074/graun.enhanced.js
fastly-restarts
1
x-amz-id-2
iSefuUSrdBEGj9c75olgEmEV2OJXt1D1cAI+LNzcsjwClyIWIZ3Kg/UgMlfzF9vZJKYfpcxyrdM=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
36692
last-modified
Wed, 20 Dec 2023 10:21:22 GMT
server
AmazonS3
x-timer
S1705254428.573971,VS0,VE0
etag
"db5db60cc55f867d306f4431b816db9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
408
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/ 		256 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b62961df0ee4bf3bd8272adb82d45ae59ce6df736d47cbcfacf58df6830d1d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
MaQ6ADSebGtCxsSqIvPeidXlIAr7dkBM
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
GZV8HND998320Y4A
age
281126
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
fastly-restarts
1
x-amz-id-2
Nq1EMKLiikc+g55QOFdR1wg3/8Zxkyb1q1WnDFKOdOIcVjgrrMBvJt/CbtTt/hBf+OBolGasrP1gHjJK66kggQ==
x-served-by
cache-nyc-kteb1890031-NYC
content-length
80027
last-modified
Thu, 11 Jan 2024 11:10:22 GMT
server
AmazonS3
x-timer
S1705254428.574325,VS0,VE0
etag
"883bd1604a0fab2572475e49ad3d7957"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
244
header
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Sun, 14 Jan 2024 17:47:07 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.699232,VS0,VE86
2
ophan.theguardian.com/img/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&abTestRegister=%7B%22SignInGateMainVariant%22%3A%7B%22variantName%22%3A%22main-variant-5%22%2C%22complete%22%3A%22false%22%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&abTestRegister=%7B%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&component=privacy-prefs&value=pv%20%3A%20null%20%3A%20gu_tk
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
graun.573.js
assets.guim.co.uk/javascripts/95097902051418f28c75/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/95097902051418f28c75/graun.573.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93581db1a65b27c5928e44993972b4a991d91af679d6761c4f725bf346cba369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
oDKsD.ayptyZRZ.ELjiMlZaQDWqucJxW
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
G2F8JYKQ7VQ197VN
age
458722
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/95097902051418f28c75/graun.573.js
fastly-restarts
1
x-amz-id-2
VzLCzsakMc5MLyDJpnwVfHSOQpOAql34L+G/FD6E3xoPlSh+NVPiOlg90SU8R+/pqCUr9kpLQps=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
2633
last-modified
Mon, 08 Jan 2024 13:35:22 GMT
server
AmazonS3
x-timer
S1705254428.670593,VS0,VE0
etag
"021d7a47864faae7d64911258222084e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
208
graun.165.js
assets.guim.co.uk/javascripts/acaeb6fcff5fc8f22939/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/acaeb6fcff5fc8f22939/graun.165.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ab0414807c5edeeb9964424a6ca55e9f8cc431fbcdfaf235b6fe1d3f2fbceba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
IJZ9Xt9I1UCNB_XRyDi2h2MjeOMsZlx4
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
VPYCN0VNM5EP8D49
age
456614
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/acaeb6fcff5fc8f22939/graun.165.js
fastly-restarts
1
x-amz-id-2
nM2tHvC7C6Rs4V2brjJf82pa6KtGSv7DopfyWTD3DkzgTEw5+PeMQPFhmqi9mjH1vC41BRUsEECcVzWZ4B2zBA==
x-served-by
cache-nyc-kteb1890031-NYC
content-length
4980
last-modified
Tue, 17 Oct 2023 15:16:49 GMT
server
AmazonS3
x-timer
S1705254428.670698,VS0,VE0
etag
"1a8283869c7b42a430edd0a30f0c9023"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
354
graun.646.js
assets.guim.co.uk/javascripts/1729d95a19841ba93c0a/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/1729d95a19841ba93c0a/graun.646.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15e9b4734176d037f86be9612a437692efdc4596c5708710eaa69741ec265838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
OA7jDKh2GsyUlcwSeqoJ1LMLzPC_xblK
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
MN2XXDEWV6ABAQ1T
age
456892
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/1729d95a19841ba93c0a/graun.646.js
fastly-restarts
1
x-amz-id-2
Cqy5UuSDk+DjtvvvXFvrqYts4Pxrh1weag3ZZ/GOf83cml1YTI+f2PijYEe3sOhzO4XDMb4IPzE=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
13281
last-modified
Thu, 30 Nov 2023 10:01:47 GMT
server
AmazonS3
x-timer
S1705254428.670899,VS0,VE0
etag
"982e652f3bc9d6b766eb696eac4743f4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
224
graun.trail.js
assets.guim.co.uk/javascripts/a5390321460ce155dce2/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/a5390321460ce155dce2/graun.trail.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48990bc28f00611eeb52e4a538848c2b06a12938311f92bed8bc7e80465c2b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
wKEKHN1fb_jXGbHUh1Vrp1r2454lBjqj
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
9TCCN3MYV20D9G60
age
973995
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/a5390321460ce155dce2/graun.trail.js
fastly-restarts
1
x-amz-id-2
OSudQad4sICoMiaaMrg5FTP+CDmGu8y1k94YKrlbDdBnnZeFfWmnqPEDH9Ix8+EOv7kdSKfU/xg=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
15873
last-modified
Tue, 17 Oct 2023 15:16:49 GMT
server
AmazonS3
x-timer
S1705254428.671045,VS0,VE1
etag
"bdf690260c9301122d2f0198d9f95d52"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
header
contributions.guardianapis.com/ 		1000 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
294d5775f4505a6883dc8c1d38051953cd47360e20a6d52d40e8acbfe71750a2

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-nyc-kteb1890079-NYC
date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish
x-timer
S1705254428.816000,VS0,VE87
x-powered-by
Express
etag
W/"3e8-m4IiDAZmSV5U3GYS1XA2DYWuIhI"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
content-length
1000
x-cache-hits
0
graun.youtube.js
assets.guim.co.uk/javascripts/0e607f31849edbe276f4/ 		828 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/0e607f31849edbe276f4/graun.youtube.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fdb66711a1ebf63a8d9bf947367feafac71e2e306ea85c263a6d70211ddcfba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
tvxq2_qprJeTicKZKr4cG35c_2fw5wM2
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
43R6JTS4KSDK3R8Z
age
447419
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/0e607f31849edbe276f4/graun.youtube.js
fastly-restarts
1
x-amz-id-2
S0DGKNXefv64hYJdz4xP8CRG74sQ/JQARd1CWBtBHqfwtiBfzcLFxUkro07YoBnJogVEy6ipM6g=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
452
last-modified
Mon, 13 Nov 2023 16:16:51 GMT
server
AmazonS3
x-timer
S1705254428.680638,VS0,VE0
etag
"baadcc25316b4d70d9f94b1fa46addf6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
107
comment-counts.json
api.nextgen.guardianapps.co.uk/discussion/ 		40 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/discussion/comment-counts.json?shortUrls=/p/pk632
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1ec20e67ac7507a2831e18f4f0d53fd8882be8e0f0faf4f2f8c3f484d58d1812

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
discussion
x-cache
HIT, MISS
content-length
62
x-served-by
cache-lcy-eglc8600047-LCY, cache-yyz4524-YYZ
server
nginx
x-timer
S1705254428.743196,VS0,VE135
x-gu-geolocation
country:US
etag
W/"hash-8843768787232476999"
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
vary
Accept-Encoding,Origin,Accept
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=300, stale-while-revalidate=30, stale-if-error=864000, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&attentionMs=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
ccpa.ac4217cf19751641255f.bundle.js
sourcepoint.theguardian.com/unified/4.15.0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/4.15.0/ccpa.ac4217cf19751641255f.bundle.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
407c822fb700f4775c0b6ae9841d23f3cf53e3c98bedbfc82606c84a731cf947
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
content-encoding
gzip
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
436235
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890031-NYC
last-modified
Thu, 04 Jan 2024 23:02:08 GMT
server
AmazonS3
x-timer
S1705254428.722609,VS0,VE3
etag
W/"51888b6087d74be5874f51d91d05df85"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7RplrKOD9Mv7Xh6oGtF9EU7q68g-B_fP5r6nYAYiXMX9kFtW_0zenA==
x-cache-hits
0
get_site_data
sourcepoint.theguardian.com/mms/v2/ 		207 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&account_id=1257
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 abda8496f94099119c2f392e63054efa.cloudfront.net (CloudFront), 1.1 varnish
x-sp-mms-node
ip-10-128-16-101
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.723664,VS0,VE14
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
j7UMuzQ9tUUkW7YSt7Z-DGwmko2Cum2C17QYLkeRbKIsEp4WQcyLrA==
x-cache-hits
0
most-viewed.json
api.nextgen.guardianapps.co.uk/video/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/video/most-viewed.json
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32c9e03c26249ce618d2733949ec30b2017303efcacbe2dafd2d661efef5158c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
onward
x-cache
HIT, HIT
content-length
1621
x-served-by
cache-lcy-eglc8600029-LCY, cache-yyz4524-YYZ
server
nginx
x-timer
S1705254428.743230,VS0,VE1
x-gu-geolocation
country:US
etag
W/"hash6600487112235292871"
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
vary
Accept-Encoding,Origin,Accept
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
31, 1
world.json
api.nextgen.guardianapps.co.uk/video/section/ 		32 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/video/section/world.json?shortUrl=https://www.theguardian.com/p/pk632&exclude-tag=guardian-professional/guardian-professional
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53a72646b4815557140e729b8cc191f120d135a11253c0a213c3c8c0e2578fc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
onward
x-cache
HIT, MISS
content-length
3749
x-served-by
cache-lcy-eglc8600020-LCY, cache-yyz4524-YYZ
server
nginx
x-timer
S1705254428.743184,VS0,VE90
x-gu-geolocation
country:US
etag
W/"hash-5351291621003874782"
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
vary
Accept-Encoding,Origin,Accept
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
1, 0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sun, 14 Jan 2024 17:47:07 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&video=%7B%22id%22%3A%22gu-video-youtube-422c6aad-d99a-4ad6-be7c-4cfe4fea9fd8%22%2C%22eventType%22%3A%22video%3Acontent%3Aready%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
meta-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.15.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
4232
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 ce6ac8bc6515892a00316a83f3713e1e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
6W9aLJ6FCXNWfCzcBPGTi0WWb2At-Gcuk9K491ey1WHU2m50yrtTlg==
x-amz-cf-pop
JFK52-P4
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.768644,VS0,VE4
meta-data
sourcepoint.theguardian.com/wrapper/v2/ 		73 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.15.0&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 4416a31c9d77f8f8b877d81f840c88c8.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
389
x-powered-by
Express
x-cache
Hit from cloudfront, MISS
content-length
73
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.814387,VS0,VE2
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
d5jOMJQwpE-u_a0BJy-Hb3DHKWTSVuFfFaTV9kzWzBvuQasENnyiJw==
x-cache-hits
0
2640.jpg
i.guim.co.uk/img/media/5a3a6b3fc2ce64c3acfa81c46fdfe5e2c30fe4d0/0_42_2640_1585/master/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/5a3a6b3fc2ce64c3acfa81c46fdfe5e2c30fe4d0/0_42_2640_1585/master/2640.jpg?width=140&quality=85&auto=format&fit=max&s=7c2b0b412eeec50916324b56077d1710
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
869aeeff0e1525f5f26f2b16703ea69dc4aa3186760428eef03f3a4bf7dad4ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img07-europe-west2
age
5106
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2139921 idim=2640x1585 ifmt=jpeg ofsz=2348 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
42
content-length
2348
x-served-by
cache-lcy-eglc8600051-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.770819,VS0,VE1
etag
"6Ly9TD3PNgCj1FvQcRIq0Vfc1LSGTDlT/PVH9+bwpc8"
x-amz-meta-bounds-height
1585
x-amz-meta-bounds-width
2640
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
57, 1
4432.jpg
i.guim.co.uk/img/media/4b7477a4dfc42f8b29671dd884e6865cb0a76689/0_292_4432_2660/master/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/4b7477a4dfc42f8b29671dd884e6865cb0a76689/0_292_4432_2660/master/4432.jpg?width=140&quality=85&auto=format&fit=max&s=b94eecaf70e6b492fb3e43444ca769ad
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd5eb6f494c15e13931ccb52737680499868f1cfe2e5b5c55b7834b29e0fe5a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west2
age
5872
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3433603 idim=4432x2660 ifmt=jpeg ofsz=1936 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
292
content-length
1936
x-served-by
cache-lcy-eglc8600068-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.771116,VS0,VE1
etag
"9mg2YOmSfWMq9zs/G0khDX4MCIFADPx/Si44N0yhnpU"
x-amz-meta-bounds-height
2660
x-amz-meta-bounds-width
4432
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
36, 1
1877.jpg
i.guim.co.uk/img/media/f0640116103b8719908a17d808debc63267a3f64/62_0_1877_1127/master/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/f0640116103b8719908a17d808debc63267a3f64/62_0_1877_1127/master/1877.jpg?width=140&quality=85&auto=format&fit=max&s=aa989b851b2cfcf189da2dcb2d9ca848
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2d8406975c01871f26ae31443d3b578ff57ec6524c76ebf059fc832ef974d52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img04-europe-west2
age
17440
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=818992 idim=1877x1127 ifmt=jpeg ofsz=1204 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
1204
x-served-by
cache-lcy-eglc8600054-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.771101,VS0,VE1
etag
"AaGtLVxG4ngdIRHq2pMtuq+rsFykZ/M5zZ/mJE3n96Q"
x-amz-meta-bounds-height
1127
x-amz-meta-bounds-width
1877
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
62
x-cache-hits
49, 1
4198.jpg
i.guim.co.uk/img/media/85c9628e54373081ecb13836584cb48ecff3a90d/900_356_4198_2519/master/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/85c9628e54373081ecb13836584cb48ecff3a90d/900_356_4198_2519/master/4198.jpg?width=140&quality=85&auto=format&fit=max&s=ed8a6081a191edb0aa1e997d5fdc53e5
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32be42cc303826b36438a523c2573736a8af69e8d1ce9018e409849275795c81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img02-europe-west2
age
21403
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=6027619 idim=4198x2519 ifmt=jpeg ofsz=1736 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
356
content-length
1736
x-served-by
cache-lcy-eglc8600055-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.772792,VS0,VE1
etag
"s58qxQy7ojtAnVhKoVaqu8UQSqz+/q08mhqziNk3/JA"
x-amz-meta-bounds-height
2519
x-amz-meta-bounds-width
4198
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
900
x-cache-hits
59, 1
8101.jpg
i.guim.co.uk/img/media/f2dc7e923b6edd96352991985b07f46092465ab3/0_270_8101_4861/master/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/f2dc7e923b6edd96352991985b07f46092465ab3/0_270_8101_4861/master/8101.jpg?width=140&quality=85&auto=format&fit=max&s=7124447a76d54e2089844c5b72e9d9de
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba066e9d186223bbd8976a81d246f23408c1aac7227f13f1b0e278d858c72751

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west2
age
78486
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=12878914 idim=8101x4861 ifmt=jpeg ofsz=1918 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
270
content-length
1918
x-served-by
cache-lcy-eglc8600041-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.773156,VS0,VE1
etag
"4ZVIIXQ47rxxG061e3zkhC6Gc7ioNWOBc8W4UzJBSMI"
x-amz-meta-bounds-height
4861
x-amz-meta-bounds-width
8101
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
19, 1
3374.jpg
i.guim.co.uk/img/media/95b892d4ab1642f62205b86dcb013ca09b68265e/313_643_3374_2024/master/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/95b892d4ab1642f62205b86dcb013ca09b68265e/313_643_3374_2024/master/3374.jpg?width=140&quality=85&auto=format&fit=max&s=39212b4c3c3a494d8b4c00785f53c636
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9543637d94924b80dfa0264249c4dc7b68a2bd268d3c2712d646abd9dae33139

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west2
age
81973
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
fastly-io-info
ifsz=3227476 idim=3374x2024 ifmt=jpeg ofsz=3432 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
643
content-length
3432
x-served-by
cache-lcy-eglc8600021-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.773138,VS0,VE72
etag
"pXyZKrs4kFsNWBdwhSNLF0k8x2xD/2ZppjdGc6zHndA"
x-amz-meta-bounds-height
2024
x-amz-meta-bounds-width
3374
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
313
x-cache-hits
13, 0
www-widgetapi.js
www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 00:56:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
60621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68600
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 00:56:46 GMT
messages
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.15.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 4416a31c9d77f8f8b877d81f840c88c8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
zgidGeTCEpFhq5R-PMNFYclqpgNC-3JASdBeFPBvEXlCqti0oHdKcg==
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.848463,VS0,VE14
messages
sourcepoint.theguardian.com/wrapper/v2/ 		20 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.15.0&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
2159f76936ae83fe443527d34e35aeecb89f7af76ff5e1ae42743c24ac73330f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
content-encoding
gzip
via
1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.893840,VS0,VE28
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
Soa6z-GcizDmdEtmR4ZA9Wo_dwZskDFn36h_JNEdFeHuSehsflfWmw==
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&video=%7B%22id%22%3A%22gu-video-youtube-f179fa15-b867-4f44-97cf-9668ff8e7623%22%2C%22eventType%22%3A%22video%3Acontent%3Aready%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2640.jpg
i.guim.co.uk/img/media/5a3a6b3fc2ce64c3acfa81c46fdfe5e2c30fe4d0/0_42_2640_1585/master/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/5a3a6b3fc2ce64c3acfa81c46fdfe5e2c30fe4d0/0_42_2640_1585/master/2640.jpg?width=700&quality=85&auto=format&fit=max&s=6d2ec3c3b1833f23fa15a0befc565986
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
024f56ff441c6c80256a27ec906142832a96d58185ce75e71550eb2aae29249f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img07-europe-west2
age
5106
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2139921 idim=2640x1585 ifmt=jpeg ofsz=19082 odim=700x420 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
42
content-length
19082
x-served-by
cache-lcy-eglc8600051-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.860101,VS0,VE1
etag
"FyTOz00nfZOrdg1bVrUK8pxb53B8vutnA1kQWJsnUHI"
x-amz-meta-bounds-height
1585
x-amz-meta-bounds-width
2640
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
38, 1
4432.jpg
i.guim.co.uk/img/media/4b7477a4dfc42f8b29671dd884e6865cb0a76689/0_292_4432_2660/master/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/4b7477a4dfc42f8b29671dd884e6865cb0a76689/0_292_4432_2660/master/4432.jpg?width=700&quality=85&auto=format&fit=max&s=5f8d346789a88e8111c3cf96df9c6b0b
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d24732546caa624472910b402cb52d6c10ab8e56a5e082d465a970e806c9240a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img04-europe-west2
age
5872
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3433603 idim=4432x2660 ifmt=jpeg ofsz=22096 odim=700x420 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
292
content-length
22096
x-served-by
cache-lcy-eglc8600068-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.861765,VS0,VE2
etag
"Bprzv3mkjYU9lFWCTlTKUbbSGu4YBPtIOsmXTs8chNk"
x-amz-meta-bounds-height
2660
x-amz-meta-bounds-width
4432
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
62, 1
1877.jpg
i.guim.co.uk/img/media/f0640116103b8719908a17d808debc63267a3f64/62_0_1877_1127/master/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/f0640116103b8719908a17d808debc63267a3f64/62_0_1877_1127/master/1877.jpg?width=700&quality=85&auto=format&fit=max&s=de06b26bac098eed8857a37e8301daf9
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71747f28ba67aae7909bef6124f98669986e44179424ae73c9d311c260c9ddad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img04-europe-west2
age
17440
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=818992 idim=1877x1127 ifmt=jpeg ofsz=14274 odim=700x420 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
14274
x-served-by
cache-lcy-eglc8600054-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254428.862247,VS0,VE1
etag
"8geM8IJV66kKrdW6KQjbWwz2WVTfMJfjDt9oB4/aZrU"
x-amz-meta-bounds-height
1127
x-amz-meta-bounds-width
1877
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
62
x-cache-hits
50, 1
Header.js
contributions.guardianapis.com/modules/v3/headers/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/modules/v3/headers/Header.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cc3057f446f03f02d1486db8704224e224169b0174ff0575c7a6f472495a694

Request headers

Referer
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
eJFyjdEx20FBs.uZ9BIGkEeZPwFDZHgN
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
x-amz-request-id
QNX3JAXTP2X4GBTE
age
216
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-surrogate-control
max-age=300
content-length
35107
x-amz-id-2
S5FciMlZpUUMTuTYYJl9fkK5QMlc6VdkuuO5PPld25ePsF0NmfH5Dcb7R4XYisJxwMIuU+yjf4A=
x-served-by
cache-nyc-kteb1890079-NYC
last-modified
Thu, 04 Jan 2024 10:00:10 GMT
server
AmazonS3
x-timer
S1705254428.932749,VS0,VE0
etag
"b85763459c9b9d36dd3c6f0dd7735467"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
4
pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.15.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.theguardian.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 4416a31c9d77f8f8b877d81f840c88c8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
zLmOn0eCJI_M2hjySgHbsEfJRj3u5sM02vRizUl3vjfKRYZjopQ7YQ==
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.957361,VS0,VE13
pv-data
sourcepoint.theguardian.com/wrapper/v2/ 		190 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.15.0&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
0cc18b8e79d8ffa78006dd778f2d99f553265c1eca34bcefd1aa9fa4af979dae
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
via
1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
content-length
190
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.000187,VS0,VE26
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
GhFgTUJBUSdF0gtqkx6azE4a7DReYocvaQmt8dyxv1lMEB9fhHSawQ==
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 15:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6919
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 14 Jan 2024 17:51:49 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22CONSENT%22%2C%22products%22%3A%5B%5D%2C%22labels%22%3A%5B%2201%3ACCPA%22%2C%2204%3A%22%2C%2205%3Afalse%22%5D%7D%2C%22action%22%3A%22MANAGE_CONSENT%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&consentJurisdiction=CCPA&consentUUID=&consent=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
config.js
cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/ 		203 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1100ae4dc74b216da3bcd2a56fc92f5f4877ff5e0184322d6ef2c400d6a938

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 14 Jan 2024 15:58:43 GMT
server
cloudflare
x-amz-request-id
Y0CKA9J0B59X8FHJ
age
499
etag
W/"8beaa440b0b943466487df880aff593b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8457b3cf4acf4bcd-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FmEr+r7PN8cfoVn+duTtvnJxTjDAxsG+G1JOq/f7taRw2Tl6cMOfUOuIeQtHkyojwqP+7HOaR1M9tQdPebTYQw==
9VBoIYxpsKY
www.youtube.com/embed/ Frame BBC7 		96 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02c0cbe546ba44e894b230fbea98d61696d494b7c1c7d25181780eb6a6f71e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
3V15ZwL63iI
www.youtube.com/embed/ Frame B51D 		97 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43b77d422850624348ebf481190207a1c9e059e2e95235f7d3afe13969024d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
banner
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Sun, 14 Jan 2024 17:47:08 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890079-NYC
x-timer
S1705254428.987842,VS0,VE87
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&component=banner-picker&value=cmpUi
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
graun.Prebid.js.commercial.js
assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/ 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
732693f538e4d28b2bc0b7d7bff40f84effaec15b151a40393bc376e673e1298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
oNrX8_.USNMR7N9XDXzknBZXD.OwY7An
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NZPNNX6MT7ZYD72E
age
465029
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
fastly-restarts
1
x-amz-id-2
RSzDg0inEq5j4iU+QvpNKZ2gVt33DRvELE8DBFORitJchEtSDS+T2GZTltUltRHwi5obBqsPNpo=
x-served-by
cache-nyc-kteb1890031-NYC
content-length
126618
last-modified
Wed, 06 Dec 2023 14:44:17 GMT
server
AmazonS3
x-timer
S1705254428.981931,VS0,VE0
etag
"d1883e2ffd9035ca50a3310d195bc4e7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4231
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:04:00 GMT
content-encoding
gzip
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront), 1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-C2
age
2589
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
SBbjKicZeVMd6K6IVL5BkjlND5hpU-7P8HqZaRWsVUL9S3ry13cI4A==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Server
3.161.213.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-50.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 14:40:23 GMT
content-encoding
gzip
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
11285
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
BoqBb5uMjqpduu7hVZ5_ffD_Cv6ByN20Scb1HGMdQ0D10G5ovlDJQA==

Redirect headers

date
Sun, 14 Jan 2024 17:47:08 GMT
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
gIhvfL2Os6TMGkfuY_cGG1y_XXL49h-zYKXwjyukvPtjPM9OB1DTiw==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-lga21963-LGA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcfc77dfa2ae1ae96f91822d3aaaf22033381d7af4d7c7500efd2bf9a8cb4861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29692
x-xss-protection
0
server
cafe
etag
686 / 19736 / 31080366 / config-hash: 6457213104751266546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 17:47:08 GMT
banner
contributions.guardianapis.com/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
9c020dd645e8bfc1f2e6ba6efed285afa562de1022f956aae149344679bf3437

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-nyc-kteb1890079-NYC
date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
via
1.1 varnish
x-timer
S1705254428.103695,VS0,VE99
x-powered-by
Express
etag
W/"1284-v4g2rojmjwUx9e+2LIPCH5HI1jw"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
x-cache-hits
0
conversion_async.js
www.googleadservices.com/pagead/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e98d360dfb4942c7ef43688eb3ae9fb67020c061c6a6583501d12e39930b0eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16875
x-xss-protection
0
server
cafe
etag
448873653633963753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 17:47:08 GMT
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
cdn.permutive.com/ 		1006 KB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9242473df6c9fa12d9b72762779965d365f70b2f7883abd9afe8312b8173646e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ABPtcPoq2f_Ycl_VS6zjjbehpWajacyaLfxXBxf_WOTyQkfv3LUZIsC7XJSOgdiTcdHN6d4080I
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
307459
last-modified
Fri, 12 Jan 2024 14:53:26 GMT
server
cloudflare
etag
"8d73226849f4ebd83d3ba5cbb9cf4bae"
vary
Accept-Encoding
x-goog-generation
1705071206362124
content-type
application/javascript
x-goog-hash
crc32c=ItmXrg==, md5=jXMiaEn069g9O6XLuc9Lrg==
cache-control
public, max-age=900
x-goog-stored-content-length
307459
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8457b3cf68ab4bbd-BUF
expires
Sun, 14 Jan 2024 18:02:08 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-125.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 03:04:19 GMT
Via
1.1 c05b7ff061569d914bb28a2bfaa77d34.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Age
52970
ETag
"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
Li8CkTGW6qvBVRK8c-JMja6ZowzycSkPAB7JxgvNnx3l_CKKIQKzZw==
e96d04c832084488a841a06b49b8fb2d.js
cdn.brandmetrics.com/survey/script/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/a036cec0fedb9779e302/graun.standalone.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a8de3790bb041714486d34cfd0fdc8cbdca3f1af513738a4bb89b8222c5d84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 14 Jan 2024 16:46:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1NUsL1icKs1dFwdQc6FFMydprnMuu94Mvr%2BV%2Ba3hTAbmVAHIJrzzeFJZL6Fe0efrAupef8t%2BeDFwuk%2FZZYucl9vw%2Bzyg0xt0J0NsOCc7tWamDRXacNazAM2g49d7ESUlYeZ4l1hbNs7gAqfMEB08h9%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8457b3cf585e4bd5-BUF
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
index.html
sourcepoint.theguardian.com/ Frame 55DA 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72daac35cebc13804ba9b23e68258c5ca4a4699a4fa53fe6761b553249662f1e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
321
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Sun, 14 Jan 2024 17:47:08 GMT
etag
W/"41d31fe9cd74445ac864862375d2cfa8"
last-modified
Tue, 09 Jan 2024 16:07:23 GMT
server
AmazonS3
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
1k9z828K0gK-jRQwuRJOcoJuj3ceUoMHyvihn0Ma5AmLTRRhgi0J6Q==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-served-by
cache-nyc-kteb1890031-NYC
x-timer
S1705254428.999230,VS0,VE2
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%7D%2C%22action%22%3A%22INSERT%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-11-22_HEADER_TEST_EOY_R2__US%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
Notice.be18a.css
sourcepoint.theguardian.com/ Frame 55DA 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.be18a.css
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f77785242f031ba78562f8ff850589917f8ac10af00516bedba96dd5025976dc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
via
1.1 46b3f244fe2a22dff3a717bf9da34d86.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890031-NYC
last-modified
Tue, 09 Jan 2024 16:07:23 GMT
server
AmazonS3
x-timer
S1705254428.036504,VS0,VE1
etag
W/"f0b1a7a1141f77ab2eceb63404c49787"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
kO7_umwQ_xVfRjvSwdl8zYU3NpYwHXRE-kHC6OYHNCTPalyQM66_tA==
x-cache-hits
0
polyfills.b0798.js
sourcepoint.theguardian.com/ Frame 55DA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/polyfills.b0798.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
via
1.1 872838324e32b579ba7d3bf4c42b2d24.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
1448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890031-NYC
last-modified
Tue, 09 Jan 2024 16:07:23 GMT
server
AmazonS3
x-timer
S1705254428.036608,VS0,VE4
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
2lIIM7mBRsxmvkLeriAQV3pBj9b_ovdTbs5wl0WR8TD168_6u7dFtw==
x-cache-hits
0
Notice.ce950.js
sourcepoint.theguardian.com/ Frame 55DA 		290 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.ce950.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f26832526ed01712d801e6b4122dcdc6438966bf0629d7ee98ddb7f11719e4b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?hasCsp=true&message_id=690155&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
via
1.1 8df8d5dfeb782c83ceeb5679f78a9e4e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890031-NYC
last-modified
Tue, 09 Jan 2024 16:07:23 GMT
server
AmazonS3
x-timer
S1705254428.036747,VS0,VE2
etag
W/"db183663cdfdb2ab1a3380fe8478d5a3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
YVws70HyS33fR_u58TBRxRvkBincvI6-0atky8ENmWlUitwbxfAv7g==
x-cache-hits
0
www-player.css
www.youtube.com/s/player/80b90bfd/ Frame BBC7 		358 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 14:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
12071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47453
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 14:25:57 GMT
embed.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame BBC7 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46e97944b7e167434fa20cfb0cb6c6ad36d4e67ef3a3b39c05dab09c839a0518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 05:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
130415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16354
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 12 Jan 2025 05:33:33 GMT
www-embed-player.js
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame BBC7 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:24:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
48131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98905
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 04:24:57 GMT
base.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame BBC7 		2 MB
769 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa9675b7cbdba5307d9d411e7a76f13d1b6b462844cdbf3d918f37bfdff029e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
787058
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Jan 2025 17:19:48 GMT
www-player.css
www.youtube.com/s/player/80b90bfd/ Frame B51D 		358 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 14:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
12071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47453
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 14:25:57 GMT
embed.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame B51D 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46e97944b7e167434fa20cfb0cb6c6ad36d4e67ef3a3b39c05dab09c839a0518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 05:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
130415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16354
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 12 Jan 2025 05:33:33 GMT
www-embed-player.js
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame B51D 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:24:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
48131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98905
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 04:24:57 GMT
base.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame B51D 		2 MB
769 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa9675b7cbdba5307d9d411e7a76f13d1b6b462844cdbf3d918f37bfdff029e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
787058
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Jan 2025 17:19:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBC7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:04:35 GMT
x-content-type-options
nosniff
age
366153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:04:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBC7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:47:48 GMT
x-content-type-options
nosniff
age
140360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 02:47:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B51D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:04:35 GMT
x-content-type-options
nosniff
age
366153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:04:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B51D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:47:48 GMT
x-content-type-options
nosniff
age
140360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 02:47:48 GMT
collect
www.google-analytics.com/j/ 		4 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=832775076&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&ul=en-us&de=UTF-8&dt=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACACIAB~&jid=1627949674&gjid=257580480&cid=209642913.1705254428&tid=UA-78705427-1&_gid=1871103030.1705254428&_r=1&_slc=1&cd3=theguardian.com&cd4=world&cd5=video&cd6=uk-video&cd7=world%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&cd8=&cd9=world%2Frussia%2Cworld%2Feurope-news&cd10=tone%2Fnews&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&cd29=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&cd30=us&cd43=none&cd50=News&z=1056833489
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=832775076&t=timing&_s=2&dl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&ul=en-us&de=UTF-8&dt=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=consent&utv=acquired&utl=new&utt=829&_u=YEDAAUABAAAAACACIAB~&jid=&gjid=&cid=209642913.1705254428&tid=UA-78705427-1&_gid=1871103030.1705254428&cd3=theguardian.com&cd4=world&cd5=video&cd6=uk-video&cd7=world%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&cd8=&cd9=world%2Frussia%2Cworld%2Feurope-news&cd10=tone%2Fnews&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&cd29=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&cd30=us&cd43=none&cd50=News&z=407461328
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 20:41:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75937
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=deaeb063-5646-445b-84ce-e9600d051512&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40cdfef5-41c2-421b-bb2b-34e1c945be97&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time
5
date
Sun, 14 Jan 2024 17:47:08 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
589f49e1a73fb818
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
195c348d8e1fcedd8e48889f1b07b7946bf32abcea42a097bf75e7bf2fe426c5
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=deaeb063-5646-445b-84ce-e9600d051512&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40cdfef5-41c2-421b-bb2b-34e1c945be97&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time
73
date
Sun, 14 Jan 2024 17:47:08 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
db66dbffc9188331
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
d6c3afdd6eb111aefd280dd23c71f62fecfc9a6855a6387ccfb440324e669f81
content-length
43
adsct
t.co/i/ 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=9f29eb1f-2c96-42a0-b4e0-1f2044940c1e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40cdfef5-41c2-421b-bb2b-34e1c945be97&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time
7
date
Sun, 14 Jan 2024 17:47:07 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
75e86bb04fd6776e
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
195c348d8e1fcedd8e48889f1b07b7946bf32abcea42a097bf75e7bf2fe426c5
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9f29eb1f-2c96-42a0-b4e0-1f2044940c1e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40cdfef5-41c2-421b-bb2b-34e1c945be97&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time
81
date
Sun, 14 Jan 2024 17:47:08 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
4165b012349d20a8
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
d6c3afdd6eb111aefd280dd23c71f62fecfc9a6855a6387ccfb440324e669f81
content-length
43
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202401101304/ 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:05:23 GMT
server
cloudflare
x-amz-request-id
9T8C77BCXKGQ5JMD
age
340094
etag
W/"5aabb710020a401097c59bf9249caa6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8457b3d03b834bcd-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/tcSNry5gmPKgl1D1vdKuY6Q9KRCHvlSKOauqmDNt4OIZgKtPg/XKk6Awii3UKly78k8pLACkEc=
3722
config.aps.amazon-adsystem.com/configs/ 		532 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3722
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-26.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
4a6e42df592f9fef10d8707e673f1a66671e31c48cfcc1282f759654810652f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:48:43 GMT
via
1.1 37504d411c7d230cb5e53aaf2809b804.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
3505
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
-8GGzT0qrl5IOzxATIrr3cGWtdldXnDFmr-Y3IpJ73hIyO4WSL3KLg==
config
c.amazon-adsystem.com/cdn/prod/ 		188 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3722&u=https%3A%2F%2Fwww.theguardian.com
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:07 GMT
via
1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
188
x-amz-cf-id
Lo09uU2Cmv2VMcRAsmXW1j43YBpYXC5_C-7zw5s2TWf_5Ln6XOJd9Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront)
date
Sun, 14 Jan 2024 08:18:01 GMT
x-amz-cf-pop
YUL62-C2
age
34148
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
J28T0NwmdxjePuRKprYAwv6mVxkmu5sVTPJeDA8ARsoT7C6OIqQUjA==
collect
stats.g.doubleclick.net/j/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78705427-1&cid=209642913.1705254428&jid=1627949674&gjid=257580480&_gid=1871103030.1705254428&_u=YEDAAUAAAAAAACACIAB~&z=162141904
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 14 Jan 2024 17:47:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/?random=1705254428335&cv=9&fst=1705254428335&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tiba=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report%20%7C%20World%20news%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49cc59ca76ea44093b2f3409c99a09031522ca786f83e7875c2400590c55e9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/ 		437 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93abbe9a158ffb11fd2ba05dddff30ed3d7205bed155ff90160287f353cb749b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1021
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140647
x-xss-protection
0
server
cafe
etag
6083039351134279638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 13 Jan 2025 17:30:07 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705254428363&ns_c=UTF-8&cs_ucfr=1&comscorekw=Russia%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705254428363&ns_c=UTF-8&cs_ucfr=1&comscorekw=Russia%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705254428363&ns_c=UTF-8&cs_ucfr=1&comscorekw=Russia%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&c8=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report%20%7C%20World%20news%20%7C%20The%20Guardian&c9=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Server
3.161.213.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-50.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-amz-cf-id
DoCHOn5YXHWqwBd_qkj4H9EGhbY_xMfb9y7_3LmoYTpn-eVbUtkVXg==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 14 Jan 2024 17:47:08 GMT
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705254428363&ns_c=UTF-8&cs_ucfr=1&comscorekw=Russia%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&c8=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report%20%7C%20World%20news%20%7C%20The%20Guardian&c9=
content-length
0
x-amz-cf-id
S67BfrrEWEISAETyAnu-DflWWqIQ4L1hg39XR8Ur6jwGBL3uJpy5eQ==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78705427-1&cid=209642913.1705254428&jid=1627949674&_u=YEDAAUAAAAAAACACIAB~&z=579494473
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 55DA 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 55DA 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 55DA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf423c190f84212700affab39414ef603a19c4701b4e845fe31d085c9f57c534

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 14 Jan 2024 16:46:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2lEZgao9cbxO38IpjtIAeBesr1CEjmtZjytxDZ2pNggmfOx8YJz%2Bf%2FVfxRSWMQru1ehDNvifNOAaxMlw3VnTAWzOk4CDgy62191xWMRKJjQk1RP7GC55%2BV9eDO%2F0dDIyFLFoWQmFYqf40KwlrHougg%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8457b3d2299c4bd5-BUF
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
id
googleads.g.doubleclick.net/pagead/ Frame B51D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H3
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa68f5d137ec903d4517a04c15cf5a9729b011aedc21d464d3186ce4a9f6b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 Jan 2024 17:47:08 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B51D 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:45:48 GMT
x-content-type-options
nosniff
age
80
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jan 2024 18:00:48 GMT
pxid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/ 		46 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/pxid?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b9adc80161a2653e2985717aa116113bb1f8d788b7b70e26e2a52da1690c8dff

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:08 GMT
an-x-request-uuid
b6c8523d-1ebf-4f31-954f-c54fb9beb1c6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%7D%2C%22action%22%3A%22VIEW%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-11-22_HEADER_TEST_EOY_R2__US%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
id
googleads.g.doubleclick.net/pagead/ Frame BBC7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H3
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
806ab4fca2837f60019aab2490b0bca9fef32cee727ee4d461949369c30436c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 Jan 2024 17:47:08 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BBC7 		29 B
90 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:45:48 GMT
x-content-type-options
nosniff
age
80
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jan 2024 18:00:48 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 17:47:08 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B51D 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1043dca96dea91c6635f0b5af70adc8f1bfa32c412991ff70e7b3c33cada168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41022
x-xss-protection
0
remote.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame B51D 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e5b88dcf5846b8a0b10870993062b797e49a4fae3984e0ebfff5542b96399f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:25:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
379328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33755
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Jan 2025 08:25:00 GMT
sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
www.google.com/js/th/ Frame B51D 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
38225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19840
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 07:10:03 GMT
sddefault.webp
i.ytimg.com/vi_webp/3V15ZwL63iI/ Frame B51D 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/3V15ZwL63iI/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2016 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecce0ff44c16c52e8d3980fdd2f51414167c8c92c5d7699daf8507b3459e4f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:44:44 GMT
x-content-type-options
nosniff
age
144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22002
x-xss-protection
0
server
sffe
etag
"1705248915"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jan 2024 17:49:44 GMT
4c6e5ac6-4f02-48d5-9a62-75573ee9dae6
https://www.theguardian.com/ 		645 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/4c6e5ac6-4f02-48d5-9a62-75573ee9dae6
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c60716f0c88a8320e6cd175e64b7f686db6a4fc1f4dfea640e3df2c3fb77cbf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
660652
Content-Type
447b18fc-6beb-4018-8e7d-2437c3663f43
https://www.theguardian.com/ 		645 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/447b18fc-6beb-4018-8e7d-2437c3663f43
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c60716f0c88a8320e6cd175e64b7f686db6a4fc1f4dfea640e3df2c3fb77cbf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
660652
Content-Type
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 17:47:08 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BBC7 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd9edb43e227a854ab5185ad5e4ae815317bd8e607259068a9918222c04771d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41024
x-xss-protection
0
remote.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame BBC7 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e5b88dcf5846b8a0b10870993062b797e49a4fae3984e0ebfff5542b96399f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:25:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
379328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33755
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Jan 2025 08:25:00 GMT
sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
www.google.com/js/th/ Frame BBC7 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
38225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19840
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 07:10:03 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/9VBoIYxpsKY/ Frame BBC7 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/9VBoIYxpsKY/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2016 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f618846f5d2dc7179b03033c95600561717991f7d65e1a2509ddef43a192916d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88226
x-xss-protection
0
server
sffe
etag
"1703786323"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jan 2024 19:47:08 GMT
truncated
/ Frame BBC7 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B51D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pub
pixel.adsafeprotected.com/services/ 		412 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--top-above-nav,ss:%5B1.1,2.2,728.90,940.230,900.250,970.250,88.71,300.197,300.250%5D,p:/59666047/theguardian.com/world/video/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=97732af5-e3b6-f615-4d4f-9a45ac769297&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.89.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-89-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b0dfb89a0487d5e38d1230d2b1e3eb1801d13d92aad242ff2b339593fa487b90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
server
nginx
x-server-name
app41.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		410 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--survey,ss:%5B1.1%5D,p:/59666047/theguardian.com/world/video/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=97732af5-e3b6-f615-4d4f-9a45ac769297&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.89.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-89-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
10494dc8942e3292329f0c9d34df46217852802bc4b0922e9f242a8382225ba1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
server
nginx
x-server-name
app62.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		422 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising-high,ss:%5B1.1,2.2,88.87,970.250,300.250%5D,p:/59666047/theguardian.com/world/video/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=97732af5-e3b6-f615-4d4f-9a45ac769297&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.89.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-89-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f81f2d44b7cde8494179be811fe3d614d363ffce7907a96b016f2120334cce65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
server
nginx
x-server-name
app51.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		411 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--mostpop,ss:%5B1.1,2.2,300.250,300.274,300.600,300.197%5D,p:/59666047/theguardian.com/world/video/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=97732af5-e3b6-f615-4d4f-9a45ac769297&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.89.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-89-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
445006dfa707aa3527518a97c990079a0d4a6622258d5c81fb038bbb3ff4f0b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
server
nginx
x-server-name
app29.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		417 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising,ss:%5B1.1,2.2,88.88,970.250,300.250%5D,p:/59666047/theguardian.com/world/video/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=97732af5-e3b6-f615-4d4f-9a45ac769297&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.89.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-89-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
446d68e0c894bb57738051cc2f45df72e390c00d6651705352c89f0a308faf1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
server
nginx
x-server-name
app25.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
geoip
api.permutive.com/v2.0/ 		282 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
watson
api.permutive.com/v2.0/ 		340 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5eaa7879f0ec42327ff6e4537397b8af43e6d591b3d63a555f535d2549194bba

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
/
www.google.com/pagead/1p-user-list/971225648/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971225648/?random=1705254428335&cv=9&fst=1705251600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tiba=Russian%20stars%27%20semi-naked%20party%20sparks%20wartime%20backlash%20%E2%80%93%20video%20report%20%7C%20World%20news%20%7C%20The%20Guardian&async=1&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_mMVuM4yeTYWP1wej9JP-eKqx68IL3A&random=1749405857&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 17:47:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B51D 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4c36e3f869d992fa38a94a3b4818b87613b5cb5720c99684c2c53fb07050c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
cdn.permutive.com/models/v2/ 		48 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e105d843d0cbcf33a8e5a1772e132b543768568a98a0b0183f2c7919ee64e568

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ABPtcPr6RP4tyInBtJsEspUnz9d5dWzpzm36FC0f1mlvgcblcAV_516Q4cUoMfTNNLHJmI9f8d7Py5OUj26x6P_LVXklbsWupRVj
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
35338
last-modified
Sat, 06 Jan 2024 06:03:39 GMT
server
cloudflare
etag
"0fcc77897ff769ca4f71a5077d766283"
vary
Accept-Encoding
x-goog-generation
1704521019572556
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=NqmtpQ==, md5=D8x3iX/3acpPcaUHfXZigw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
35338
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8457b3d69b246aee-BUF
expires
Sun, 14 Jan 2024 16:54:37 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		160 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&pid=5QuwglsmoeboK&cb=0&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--top-above-nav%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
7061a231754256284569c8a443c965b6a3a96ed9369a71cb94c6a2a0f18242c5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0880eac0689b5b1cff547e39e0daa976.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
TZ75N917A1HN735FD78E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
160
x-amz-cf-id
6jA8skPF2JZfd8TdfNKZMDrMkC4O9cZZxSnybUf0fflmX8TQeoQTjQ==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BBC7 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2593619d77e4985480d036d90888aae1b05c24dccde4be14c385856a0311d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 17:47:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
identify
api.permutive.com/v2.0/ 		50 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5b16d831d63765c8f34acc99821d8418809b3d3486aa84b694dab116a32ee671

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
hbjson
grid.bidswitch.net/ 		23 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.68.203 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.68.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4dc005fb83e7953760744f8ce122ae63a2ca1f81dd61e717ddab5dd37f657b4c

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 14 Jan 2024 17:47:09 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid
krk2.kargo.com/api/v1/ 		2 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.224.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-224-83.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
679 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=204985
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5728dcba7afa208dcef947013cb83d74994fa5c723fee0c4a84e050412f06711

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgySqwegsT0VqvSyqR%2BC0QnFEYgyx%2FbN62f3gL1N9j4byvty%2BDG%2Fv5nKU7gLzTW23m2F0ZB7jprBq8jm7xVk%2FwLX%2FZSqKDeBd50i%2FgrEfpxDbDDM4MFlMjRcZTYUeqWKv%2BDf3SZG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8457b3d6d9c936aa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ 		19 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.86.180.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-180-217.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
accept-ch
user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sun, 14 Jan 2024 17:47:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%7C13742436a5eb034%22%3A%22970x250%2C728x90%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&s=d552c381-901b-4442-8821-8ff6c770539a&pv=lrdsgh6lgipstxyb1dt8&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22keywords%22%3A%22Russia%2CEurope%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2Cpt2%3Dus%2Cpt3%3Dvideo%2Cpt4%3Dng%2Cpt5%3Deurope-news%2Cpt5%3Drussia%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlrdsgh6lgipstxyb1dt8%7C%7Cnews&kw=Russia%2CEurope&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
941e970ab8b080da214361dbff1bb84ed52f1b5e0221ba5ee40c37373acfe31f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
949
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		8 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=61414935575&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
eb2055e8715947b37f3cdca0e15227d6664163b8d86357c24c385da20dba00c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
elb.the-ozone-project.com/openrtb2/ 		220 B
1022 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea1e2a71ac27dd98c9cf62683c663c9f92db14fd6e7996a560317f2d7b0ccb9

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8457b3d6ff88398a-YYZ
expires
0
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com&rnd=6417694
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Sun, 14 Jan 2024 17:47:09 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B51D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 17:47:09 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BBC7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 17:47:09 GMT
generate_204
www.youtube.com/ Frame B51D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?inr5fw
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
www.youtube.com/ Frame BBC7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?rh5Qgw
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame B51D 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:22:13 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame BBC7 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:22:13 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		160 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&pid=5QuwglsmoeboK&cb=1&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--merchandising-high%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
54f37d91c74ec794994462438f9760e481af46aadb2054cddf74595c69a08d48
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0880eac0689b5b1cff547e39e0daa976.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
TV67ZYA0BEG7AKR8W61X
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
160
x-amz-cf-id
lfsvGsurdaFQt-kA2U_Mqxa8WsIaM0oFsrPO9nzPjH734_y9eWHZDA==
iu3
s.amazon-adsystem.com/ Frame A25B
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
330 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5abbb193961a4a7b0af255f4a2fc329d0c73214dad6f7cd8b2963a938bc57699
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
330
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 14 Jan 2024 17:47:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3AQEW0QR200P62VNFFCM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 14 Jan 2024 17:47:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0X17QBDYX321ZBJDRJF5
DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527
pubads.g.doubleclick.net/activity;dc_iu=/59666047/ 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/59666047/DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527?
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		848 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2719913891048784&correlator=3794507089224164&eid=31079958%2C31080124%2C31080285%2C31080296%2C95320408%2C31080366&output=ldjh&gdfp_req=1&vrg=202401090101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Cvideo%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C728x90%7C940x230%7C900x250%7C970x250%7C88x71&fluid=height&ifi=1&sfv=1-0-40&fsbs=1&sc=1&cookie_enabled=1&abxe=1&dt=1705254429737&lmt=1705254429&adxs=0&adys=12&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&vis=1&psz=1600x90&msz=1600x90&fws=516&ohw=1600&ga_vid=209642913.1705254428&ga_sid=1705254430&ga_hid=832775076&ga_fc=true&dlt=1705254427318&idt=1605&prev_scp=slot-fabric%3Dfabric1%26slot%3Dtop-above-nav%26testgroup%3D27%26amznbid%3D2%26amznp%3D2%26id%3Df08e1af0-b304-11ee-8c1a-0a04c3acdffd%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.53%26hb_adid_criteo%3D1884a11d642df5%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.53%26hb_adid%3D1884a11d642df5%26hb_bidder%3Dcriteo&cust_params=permutive%3D23527%252C54759%252C83434%252C123518%252C131644%252C151037%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Dvideo%26url%3D%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Deurope-news%252Crussia%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpk632%26dcre%3Df%26rc%3D4%26rp%3Ddotcom-platform%26s%3Dworld%26sens%3Df%26urlkw%3Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%26allkw%3Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlrdsgh6lgipstxyb1dt8%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_3799_KW%252CIAS_11461_702_KW%252CIAS_2278_KW%252CIAS_1336_KW%26prmtvsdk%3Dweb%26puid%3D7a1e7ec3-dcb9-4b65-9467-08d01785ebef%26prmtvvid%3Dec8148eb-25ad-4f61-b305-344211b98189%26prmtvsid%3D1fdaca4b-5474-449b-a5b3-224191bd0f49%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08&adks=4229958405&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9146295851ab3de62ce699b258996cfd18916e35191a6c23be301adde6bfef55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
457
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A32 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:09 GMT
expires
Mon, 13 Jan 2025 17:47:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2719913891048784&correlator=3794507089224164&eid=31079958%2C31080124%2C31080285%2C31080296%2C95320408%2C31080366&output=ldjh&gdfp_req=1&vrg=202401090101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Cvideo%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1705254429763&lmt=1705254429&adxs=0&adys=394&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=209642913.1705254428&ga_sid=1705254430&ga_hid=832775076&ga_fc=true&dlt=1705254427318&idt=1605&prev_scp=slot%3Dsurvey%26testgroup%3D86%26id%3Df08e909d-b304-11ee-8a61-0e567b43018f%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&cust_params=permutive%3D23527%252C54759%252C83434%252C123518%252C131644%252C151037%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Dvideo%26url%3D%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Deurope-news%252Crussia%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpk632%26dcre%3Df%26rc%3D4%26rp%3Ddotcom-platform%26s%3Dworld%26sens%3Df%26urlkw%3Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%26allkw%3Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlrdsgh6lgipstxyb1dt8%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_3799_KW%252CIAS_11461_702_KW%252CIAS_2278_KW%252CIAS_1336_KW%26prmtvsdk%3Dweb%26puid%3D7a1e7ec3-dcb9-4b65-9467-08d01785ebef%26prmtvvid%3Dec8148eb-25ad-4f61-b305-344211b98189%26prmtvsid%3D1fdaca4b-5474-449b-a5b3-224191bd0f49%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08&adks=1605109038&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83aa797e5f1f213bf1b3465168e50caea42401281d4d4f74c95ae023b42ed6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7855
x-xss-protection
0
google-lineitem-id
6473321971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461316481
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
russian-stars-semi-naked-party-sparks-wartime-backlash-video-report.json
api.nextgen.guardianapps.co.uk/related/world/video/2023/dec/28/ 		41 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/related/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report.json?exclude-tag=tone/advertisement-features&exclude-tag=guardian-professional/guardian-professional
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
863cc6eddbc6adc4768bdb8acf71c92e046ad8a0c0642ea44918945a565d5b64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
onward
x-cache
HIT, MISS
content-length
4773
x-served-by
cache-lcy-eglc8600038-LCY, cache-yyz4524-YYZ
server
nginx
x-timer
S1705254430.781752,VS0,VE90
x-gu-geolocation
country:US
etag
W/"hash8337221745679540113"
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
vary
Accept-Encoding,Origin,Accept
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=1800, stale-while-revalidate=180, stale-if-error=864000, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
1, 0
auction
elb.the-ozone-project.com/openrtb2/ 		217 B
640 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301032a8545e5d61f85824d1db6d94658245dfd833f9ece6af10db7ab321707a

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8457b3da2f59398a-YYZ
expires
0
trinity.json
apex.go.sonobi.com/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%7C2422571b34923c8%22%3A%22970x250%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&s=8040f164-92f1-4e7f-8ad9-e98fc4c59636&pv=lrdsgh6lgipstxyb1dt8&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22keywords%22%3A%22Russia%2CEurope%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2Cpt2%3Dus%2Cpt3%3Dvideo%2Cpt4%3Dng%2Cpt5%3Deurope-news%2Cpt5%3Drussia%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlrdsgh6lgipstxyb1dt8%7C%7Cnews&kw=Russia%2CEurope&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6ca179c106fafa2b832c40ef92e040bddd5b2cf1615a417a950e664f0d4022b3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
702
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sun, 14 Jan 2024 17:47:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
krk2.kargo.com/api/v1/ 		2 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.224.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-224-83.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=983842
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861514fb46bd4437256c82be0c1ccfe20410db218106bfbd938cfd9ae2b5b4ca

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRAyG4KfvO1izozzdjjRWhTqhE3z5GI%2Bgfkec%2Bk4Wd%2FLM2BgMs7o5E1qWj3q7EfTVHBgS%2BbXD6DjhTvy3orsHcYce2NSSAObG90jKStFCsPSWPsgBh%2BLfLUIqihyqMykfW3AEJw9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8457b3da3f7e36aa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.86.180.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-180-217.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
5
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=87096056829&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sun, 14 Jan 2024 17:47:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pr
s.amazon-adsystem.com/v3/ Frame 64B7 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c3edf7dbd6551b94a3eba57ba33f175e050a01c02b2b38cef48d93bfdb8b3dbb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2611
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 14 Jan 2024 17:47:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9H3CETASFNPRT0JGGB44
1080.jpg
i.guim.co.uk/img/media/f449b218a26837f12e1358f8aa50b7d501367dbd/0_99_1080_648/master/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/f449b218a26837f12e1358f8aa50b7d501367dbd/0_99_1080_648/master/1080.jpg?width=220&quality=85&auto=format&fit=max&s=97eb76304f3f2f86a8279c4d03088653
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f0da88f68764d78fae0e1ef4b971a12953282587e5f9b2d5b1907aea5c6c883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img02-europe-west2
age
273574
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=262714 idim=1080x648 ifmt=jpeg ofsz=6168 odim=220x132 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
99
content-length
6168
x-served-by
cache-lcy-eglc8600024-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254430.921817,VS0,VE73
etag
"4oonwe+RlAgXQTTzcssgS1E/TTxFPyNbdz/m07JnIpY"
x-amz-meta-bounds-height
648
x-amz-meta-bounds-width
1080
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
1, 1
5186.jpg
i.guim.co.uk/img/media/a6f78538b51e467b809892fa8ccf1637bb8be4a2/0_142_5186_3111/master/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/a6f78538b51e467b809892fa8ccf1637bb8be4a2/0_142_5186_3111/master/5186.jpg?width=220&quality=85&auto=format&fit=max&s=489370a4168a5e0451c23b8be1f9e74f
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f25973d65397d190dac2b12889e5786f875cf5eb03f8df91c987e9ae2b90bd78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west2
age
162133
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=4957226 idim=5186x3111 ifmt=jpeg ofsz=4118 odim=220x132 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
142
content-length
4118
x-served-by
cache-lcy-eglc8600059-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254430.921649,VS0,VE74
etag
"P3MqsuxqB+WKNrP/c1fduwl69CSeDcQy4lNelWBAb+s"
x-amz-meta-bounds-height
3111
x-amz-meta-bounds-width
5186
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
6, 1
1800.jpg
i.guim.co.uk/img/media/cd07c53fe5f210ef4a7db12346c99ab6c81e4d7e/60_0_1800_1080/master/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/cd07c53fe5f210ef4a7db12346c99ab6c81e4d7e/60_0_1800_1080/master/1800.jpg?width=220&quality=85&auto=format&fit=max&s=d8d7e02b2fc28b8400f375e671df328d
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0f08d0f2a34cb2afd81ec9c0cbce1f28d94cdb1b768d37ceb198cdcf2396175

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img05-europe-west2
age
3359780
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
fastly-io-info
ifsz=707940 idim=1800x1080 ifmt=jpeg ofsz=7244 odim=220x132 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
7244
x-served-by
cache-lcy-eglc8600057-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254430.921641,VS0,VE73
etag
"IV3AO/uBe6tBatm5Nr1xJEus6wB7rTCzLU90W4DBAK4"
x-amz-meta-bounds-height
1080
x-amz-meta-bounds-width
1800
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
60
x-cache-hits
183, 0
2935.jpg
i.guim.co.uk/img/media/b2770fc2164d7a04137868fa3aaf0cfc5067dfeb/0_10_2935_1760/master/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/b2770fc2164d7a04137868fa3aaf0cfc5067dfeb/0_10_2935_1760/master/2935.jpg?width=220&quality=85&auto=format&fit=max&s=b5f2e0c30342349fcb4ae4bc409f429d
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3d67f59f0c45730638ff143af2b728cdcc9506a279e1c50791432a2c891e969

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img05-europe-west2
age
359374
x-cache
HIT, HIT
fastly-io-info
ifsz=1007847 idim=2935x1760 ifmt=jpeg ofsz=4816 odim=220x132 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
10
content-length
4816
x-served-by
cache-lcy-eglc8600035-LCY, cache-nyc-kteb1890031-NYC
server
AmazonS3
x-timer
S1705254430.921581,VS0,VE73
etag
"Yplrdc95GxII0ensLrc/9CkJcqtIMe4nnc/xy2bUPrk"
x-amz-meta-bounds-height
1760
x-amz-meta-bounds-width
2935
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
6, 1
/
onetag-sys.com/match/ Frame 64B7 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
usermatch
ssum-sec.casalemedia.com/ Frame 0CDE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
622c3fa0be0c5f2444312245d85a0eec5e475b305acc686fb3f9a08d62b1d723

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8457b3db79b6398a-YYZ
content-encoding
br
content-type
text/html
date
Sun, 14 Jan 2024 17:47:10 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anbrIbk0m%2BPKE8xyRKkp1xPWqoKV4zjsY7DaCwa9fNXJgPRcQzTD%2Br3lqa3K2wR0CJFk9C%2F8%2FD1nKA8pG7kBl3zFvf2nDNRs3sfDkFoEoa0KiuYuXqfk8%2BK3OlMeWMI6MvU3ObXFjVaBTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8457b3db395236aa-YYZ
content-length
0
date
Sun, 14 Jan 2024 17:47:09 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg%2F3KyMCVG6Us7eUK86Pr%2BtN4AJIGsgy0C6y5fBG9xRchUWyIC7vBhcMI1pAdvjQ%2FwQ0EgrFD3W6Lr50FFhj9fZMHOcDRao4IgWkUsupnH8%2FAr0KVnVdhPfUTUBxFAwWRo3qJwMu%2BAIJ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C11 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27163
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 14 Jan 2024 17:47:10 GMT
expires
Mon, 15 Jan 2024 01:19:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
uc.html
sync.go.sonobi.com/ Frame F650 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b95dfdfcfc84144703a2769642a8aa8e823599e23e5d9a7537c9f972a9fd9099
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-length
653
content-type
text/html
date
Sun, 14 Jan 2024 17:47:10 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
x-xss-protection
0
cm
u.openx.net/w/1.0/ Frame 9E70
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
824 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
97bef2c4eb339325f9a5ec55f7aadc0eaa1ff08ac729b10bb0b0fcffedea5fb6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
468
content-type
text/html
date
Sun, 14 Jan 2024 17:47:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 14 Jan 2024 17:47:10 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame E81E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4695284997587168214&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4695284997587168214&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9W98CCDE33MFHBHKFTP7

Redirect headers

content-length
0
date
Sun, 14 Jan 2024 17:47:09 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4695284997587168214&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 665D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8114484655641338530&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8114484655641338530&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1DQZDZ60JZWM7V6481KY

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8c973206-9176-4a14-8018-b979bdb96636
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 17:47:10 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=8114484655641338530&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame FB0E
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
d4d4f4713af3f9e04d04af8a36cd410d8fc24ae9528378f7ca17a6c93df90eb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
529
Content-Type
text/html
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1dca1
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9695 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
cfcfe696bf1d62f184f4fe18ac3bf403db9f4eb142adbbdff186e7ff88bbce86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
x-envoy-upstream-service-time
20
ecm3
s.amazon-adsystem.com/ Frame 78E6
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2767268955237725445066
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2767268955237725445066
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
60A22RF56VJ8MEW2MTBK

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 14 Jan 2024 17:47:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2767268955237725445066
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2719913891048784&correlator=3794507089224164&eid=31079958%2C31080124%2C31080285%2C31080296%2C95320408%2C31080366&output=ldjh&gdfp_req=1&vrg=202401090101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Cvideo%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C88x87%7C970x250&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705254429993&lmt=1705254429&adxs=799&adys=1236&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2Fvideo%2F2023%2Fdec%2F28%2Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report&vis=1&psz=1600x250&msz=2x250&fws=4&ohw=1600&ga_vid=209642913.1705254428&ga_sid=1705254430&ga_hid=832775076&ga_fc=true&dlt=1705254427318&idt=1605&prev_scp=slot-fabric%3Dfabric2%26slot%3Dmerchandising-high%26testgroup%3D78%26id%3Df08f060b-b304-11ee-b78f-028710b07bf7%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26amznbid%3D2%26amznp%3D2&cust_params=permutive%3D23527%252C54759%252C83434%252C123518%252C131644%252C151037%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Dvideo%26url%3D%252Fworld%252Fvideo%252F2023%252Fdec%252F28%252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Deurope-news%252Crussia%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpk632%26dcre%3Df%26rc%3D4%26rp%3Ddotcom-platform%26s%3Dworld%26sens%3Df%26urlkw%3Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%26allkw%3Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlrdsgh6lgipstxyb1dt8%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_3799_KW%252CIAS_11461_702_KW%252CIAS_2278_KW%252CIAS_1336_KW%26prmtvsdk%3Dweb%26puid%3D7a1e7ec3-dcb9-4b65-9467-08d01785ebef%26prmtvvid%3Dec8148eb-25ad-4f61-b305-344211b98189%26prmtvsid%3D1fdaca4b-5474-449b-a5b3-224191bd0f49%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08&adks=2213083677&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2da38ec833805e861d825fbf2cfd62b4bb6be8c37eab0c4206fa1b3c3dadb8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19913
x-xss-protection
0
google-lineitem-id
6435365670
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138458350685
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 0CDE
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaQeHRs-KDzESOWdA5s7IQAA%26503&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaQeHRs-KDzESOWdA5s7IQAA%26503&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=34ae49e455024fba8e35decc144ebe14
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
227018
expires
Sun, 14 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
5
dcm
s.amazon-adsystem.com/ Frame 0CDE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaQeHRs_KDzESOWdA5s7IQAAAfcAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
55M37PMAA4MKAX8VGHB3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0CDE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaQeHRs-KDzESOWdA5s7IQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVLXdAJHAHaLY_lp0GkUsY&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVLXdAJHAHaLY_lp0GkUsY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zle1S7mHtJ2VHrMNN6J3z90nGTfzCSn1PgqotYzuoAQdaoYpbk8e1mWSZF5%2BnWjl3TayYcylVPLPnDqzR3%2FeQAXQoIUYvS8VZFTl8wnRRoegSK9C8eJO9EyzqQWo8oENBKCzISFFMLQyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8457b3dd0cd6398a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVLXdAJHAHaLY_lp0GkUsY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0CDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaQeHRs_KDzESOWdA5s7IQAAAfcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMjtLDCd3Pv8a0ePg4qOIk4&google_cver=1
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMjtLDCd3Pv8a0ePg4qOIk4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3tKala4LxXg61gLPIdkMBhec6ORniRKDdF9IkOTqxb44VAKwn47OL7QqV0vKeefdttrHlw0njy87PGuXjUM0%2F0tUyzPF1L6jxUoY2nkhZ0vlON4abQAZTNXiWrAfSNvGWl4QMHSYZLLxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8457b3dd0cca398a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMjtLDCd3Pv8a0ePg4qOIk4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 0CDE
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=54ea0b9a-3c9b-46a3-8db8-5e57a3af5400
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=54ea0b9a-3c9b-46a3-8db8-5e57a3af5400
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKLx9rigt1%2B9YUYutCBepUidd58EkYfFHezynLwGSBqNm6UM%2FmLwiIWsZtaaahfrOduPG4FS6qfo7OdVoCsBkKDuKPZQJOc%2FAOodchPp5Lj6z0QBlsKBqYa3UBfl%2F9KZw7o48FZj"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8457b3ddcd7136aa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Sun, 14 Jan 2024 17:46:37 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=54ea0b9a-3c9b-46a3-8db8-5e57a3af5400
cache-control
private,no-cache
content-length
222
expires
-1
ium
ssum-sec.casalemedia.com/ Frame 0CDE
Redirect Chain
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaijeih67e7glkhhl67i87jdaefee7fkbbabackkc2jl
0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaijeih67e7glkhhl67i87jdaefee7fkbbabackkc2jl
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=que%2Fegd6b9QWkdiWJGC2CWW%2FRKbV1yuocRVMN%2FGSv3lxKeW8E%2BwpoWZ6rI0jirTUozdNdpko098PUGBvki6toddIjiqzqzJYsuCMxzTBLo%2FUYfYm9Dg%2FNW7q%2FASL161aODrw1VDq%2B%2BMyeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
8457b3dd8df5398a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 14 Jan 2024 17:47:10 GMT

Redirect headers

location
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eaijeih67e7glkhhl67i87jdaefee7fkbbabackkc2jl
date
Sun, 14 Jan 2024 17:47:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8457b3dc9d844bc9-BUF
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 0CDE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7020910070686028027&expiration=1706464016
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7020910070686028027&expiration=1706464016
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnH2DecbOFXflbQMTgzI8pT0eNLvwNkMmRZI191h5mGn5rHPVBCahPDnQAGQM9XA%2B8Gmy0zwNSwQjQSVmD6g3YXvu9PhqNvPRals10jsDiPfsOEhM9ipLKtM7DGjMODddlMalDJiFOR%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8457b3dd4d86398a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7020910070686028027&expiration=1706464016
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ZaQeHRs_KDzESOWdA5s7IQAAAfcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0CDE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaQeHRs_KDzESOWdA5s7IQAAAfcAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ecm3
s.amazon-adsystem.com/ Frame 0CDE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZaQeHRs_KDzESOWdA5s7IQAAAfcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RB2KEED9BD50AFKDW2R4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.mgid.com/m?cdsp=146480&gdpr=0&gdpr_consent=&us_privacy=&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dsonobi%26user_id%3D%7Bmuidn%7D%26bsw_param%3D7fa1b14f-0035-4358-a1...
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dsonobi%26user_id%3D%7Bmuidn%7D%26bsw_param%3D7fa1b14f-0035-4358-a1a5-33197ff54bf5%26expires%3D10%26gdpr%3D0%26g...
  • https://x.bidswitch.net/sync?dsp_id=303&ssp=sonobi&user_id=o0eaNFYEJvL9&bsw_param=7fa1b14f-0035-4358-a1a5-33197ff54bf5&expires=10&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=&us_privacy=
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 14 Jan 2024 17:47:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=91e92b73fd
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=91e92b73fd
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=91e92b73fd
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
Date
Sun, 14 Jan 2024 17:47:10 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
49 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
Date
Sun, 14 Jan 2024 17:47:10 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=UGV6X0tVbzBzcWg4dUdnbHVLaDFDUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEbF_HmmZ3Fq8XTrjfRNfBc&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
49 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-dq6dw
expires
-1
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi&tc=1
49 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi&tc=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi&tc=1
pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT, Sun, 14 Jan 2024 17:47:10 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792
  • https://sync.go.sonobi.com/us.gif?nuid=OPUd7041b611cb241b19e3baf40a5a39c9d&nw=oa
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nuid=OPUd7041b611cb241b19e3baf40a5a39c9d&nw=oa
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://sync.go.sonobi.com/us.gif?nuid=OPUd7041b611cb241b19e3baf40a5a39c9d&nw=oa
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
107
expires
Mon, 01 Jan 1990 00:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDNiZjZlYzEtOGIxZi00MzlhLWJhMjEtM2E5NTZkODRjNDJk
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOFZLKIkm7i41jLu0bvgYhQ&google_cver=1
49 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOFZLKIkm7i41jLu0bvgYhQ&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOFZLKIkm7i41jLu0bvgYhQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame F650
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
3.216.208.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-208-235.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-08397a447.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
uv01A+3STto=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-0d5c24515.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
rwPOlQBhRAM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
db_sync
px.ads.linkedin.com/ Frame F650
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDAzYmY2ZWMxLThiMWYtNDM5YS1iYTIxLTNhOTU2ZDg0YzQyZBAAGg0InryQrQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&rand=02158437
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&rand=02158437&expected_cookie=12163915-8b85-498c-80c5-41722806cf64
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&rand=02158437&expected_cookie=12163915-8b85-498c-80c5-41722806cf64
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5EA5A3EC948D4A20B134E5B59E1C891C Ref B: EWR311000102031 Ref C: 2024-01-14T17:47:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO63yYXCnD/I6kUYr+Mw==

Redirect headers

date
Sun, 14 Jan 2024 17:47:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FD9B25E0DDF64BE786CD452ADF82D6BE Ref B: EWR311000102031 Ref C: 2024-01-14T17:47:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=708e704f97c45021488dbbd600501952237eb80bd86cd58d9d6eac9895325198791426b5417dce21&rand=02158437&expected_cookie=12163915-8b85-498c-80c5-41722806cf64
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO63yWN/WidPfAzUXZkg==
us.gif
sync.go.sonobi.com/ Frame F650
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
an-x-request-uuid
fb69027d-2e0c-42e3-b0de-3bc1ce7938d4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
120 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600036-LCY, cache-yyz4524-YYZ
server
nginx
x-timer
S1705254430.102102,VS0,VE107
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600020-LCY, cache-yyz4524-YYZ
server
nginx
x-timer
S1705254430.102077,VS0,VE106
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
5eb93ff79865339a6f5805fb780dbbefb2276f0b
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=bebc0f58-6d69-4482-b486-e1f8bc632c5a&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=bebc0f58-6d69-4482-b486-e1f8bc632c5a&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=bebc0f58-6d69-4482-b486-e1f8bc632c5a&gdpr_consent=null&gdpr=0
date
Sun, 14 Jan 2024 17:47:10 GMT
server
_
content-length
0
cs
cs.yellowblue.io/ Frame 9695
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=4695284997587168214&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=4695284997587168214&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=4695284997587168214&gdpr=0&gdpr_consent=
date
Sun, 14 Jan 2024 17:47:09 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=71711ccd-bde9-082d-2ff4-17060cddc1a3
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=71711ccd-bde9-082d-2ff4-17060cddc1a3
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=71711ccd-bde9-082d-2ff4-17060cddc1a3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8114484655641338530&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8114484655641338530&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
an-x-request-uuid
4a067a90-e05f-4e5f-8230-f40d65c73281
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8114484655641338530&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 9695
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=7f17f30d-3f49-483a-87e9-c12bf3b9abf2&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=7f17f30d-3f49-483a-87e9-c12bf3b9abf2&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=7f17f30d-3f49-483a-87e9-c12bf3b9abf2&gdpr=0
date
Sun, 14 Jan 2024 17:47:10 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
19
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEirThhNNrhLv7tyL1D_&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEirThhNNrhLv7tyL1D_&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEirThhNNrhLv7tyL1D_&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTAxRTZBRUEtM0E4NC00NDJFLUJDRUUtRDkwQ0M0M0NGNkQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
48
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
date
Sun, 14 Jan 2024 17:47:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=2RvHLBNZCVNg&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=2RvHLBNZCVNg&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=2RvHLBNZCVNg&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
cksync.php
contextual.media.net/ Frame 9695 		57 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.160.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sun, 14 Jan 2024 17:47:10 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212420986209561
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212420986209561
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:09 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212420986209561
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 9695
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1705254430188
  • https://ad.turn.com/r/cs?pid=45&rndcb=5974938109
  • https://sync.1rx.io/usersync/turn/8102553495565842921?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005
date
Sun, 14 Jan 2024 17:47:10 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1dd0ccf24064405ab3bd0e48f6154de6005
content-type
text/html
cs
cs.yellowblue.io/ Frame 9695
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=5ecef7acd4848427cfbe727e50671f&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=5ecef7acd4848427cfbe727e50671f&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=5ecef7acd4848427cfbe727e50671f&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705254430273088-1204
cs
cs-server-s2s.yellowblue.io/ Frame 9695
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5
Date
Sun, 14 Jan 2024 17:47:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 9695 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=Ug5Nczx-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RV2W5YVRT1YK8TX3H5CB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 31E7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Jan 2024 17:47:10 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 14 Jan 2024 17:47:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 5FBC 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
04dae8172d2657267e475430db9f2e90ba043c5991a6f678e7f3a59ef15c5d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1658
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ecm3
s.amazon-adsystem.com/ Frame 9E70 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=c1a77c26-76ac-8e92-a4bd-c9034547de00
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
29FB93S74D23YDKH941V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0db6661f-faaa-a721-5564-5d61d223d8a9
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9E70 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0db6661f-faaa-a721-5564-5d61d223d8a9?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 9E70 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c1a77c26-76ac-8e92-a4bd-c9034547de00
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M2AF63KF7CZKP9CTMMBR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E70
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=9971005b-6a06-3568-64b3-4b942d7415e0&gdpr=0&gdpr_consent=
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 9E70 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjUxZWQzOTEtYTM3MS02YmNjLTcxNTMtMTEyZGU3OTZkYjgw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM1mwICuIHqGOBXD9ZY8nww&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM1mwICuIHqGOBXD9ZY8nww&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM1mwICuIHqGOBXD9ZY8nww&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=a5e265a4-1e1e-4f00-9280-198e628bf0f4&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=a5e265a4-1e1e-4f00-9280-198e628bf0f4&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 14 Jan 2024 17:47:10 GMT
Server
MT3 1237 600843f master ord ord-pixel-x58 config_version:"9"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=a5e265a4-1e1e-4f00-9280-198e628bf0f4&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Jan 2024 17:47:09 GMT
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LRDSGJP9-N-ARFS&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LRDSGJP9-N-ARFS&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LRDSGJP9-N-ARFS&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0163a7456b0a5605e8b1fb1d4fba3e4d
Expires
0
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8114484655641338530
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8114484655641338530
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
an-x-request-uuid
e850915c-a2cf-4db0-b1f6-155869756e1b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8114484655641338530
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=ceeb8c3d9f62ccf894c9444daf9b934&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=ceeb8c3d9f62ccf894c9444daf9b934&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=ceeb8c3d9f62ccf894c9444daf9b934&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705254430276064-106
tap.php
pixel.rubiconproject.com/ Frame 5FBC 		42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3436f1ae-af3b-4fe8-87f8-c980a9ec95c1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3436f1ae-af3b-4fe8-87f8-c980a9ec95c1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3436f1ae-af3b-4fe8-87f8-c980a9ec95c1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU0a0579c9338846899ced80fe1f7157bd
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU0a0579c9338846899ced80fe1f7157bd
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU0a0579c9338846899ced80fe1f7157bd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
155
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FBC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjQkVpd1O8yPzCa3VH3UiZIk-sj0NW48_7g
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjQkVpd1O8yPzCa3VH3UiZIk-sj0NW48_7g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjQkVpd1O8yPzCa3VH3UiZIk-sj0NW48_7g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=4695284997587168214
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=4695284997587168214
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=4695284997587168214
date
Sun, 14 Jan 2024 17:47:09 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5FBC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4PHBDDG6KHVX317G47SA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cs
cs-server-s2s.yellowblue.io/ Frame 5FBC
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTA3OTJEQ0EtNEI5NC00NUY1LUE4MjUtNjJFQkVFODJEQUE3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
date
Sun, 14 Jan 2024 17:47:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEdkeChNdaG94vB8uSUk3Aw&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEdkeChNdaG94vB8uSUk3Aw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEdkeChNdaG94vB8uSUk3Aw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=TNVDsgtNMw66&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=TNVDsgtNMw66&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=TNVDsgtNMw66&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-d9rwg
expires
-1
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=18da5639c48210b5&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAF74WccfRpQwNaRgN4AAAAAAA&expiration=1705340830
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAF74WccfRpQwNaRgN4AAAAAAA&expiration=1705340830
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAF74WccfRpQwNaRgN4AAAAAAA&expiration=1705340830
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-qz3KzeNE2uGPhMTM6Tx8IdqQZzqOvIHT.OFMpgI-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-qz3KzeNE2uGPhMTM6Tx8IdqQZzqOvIHT.OFMpgI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-qz3KzeNE2uGPhMTM6Tx8IdqQZzqOvIHT.OFMpgI-~A
date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 5FBC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=onetag&user_id=ha9A-quZIInC8oIw01xE0
  • https://onetag-sys.com/match/?int_id=30&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 14 Jan 2024 17:47:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 5FBC 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11581&id=3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9C11 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94586299&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4518f03280ea3372a2b9702b699ba79e27bcd6d1ee95c0fb38f1590673ff0d75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 14 Jan 2024 17:47:10 GMT
content-length
1736
content-type
text/html; charset=UTF-8
iframe_buster_200_260.js
s0.2mdn.net/879366/ Frame E286 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/iframe_buster_200_260.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 20:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27697
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 21:01:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jan 2024 20:54:29 GMT
truncated
/ Frame E286 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7d4e1e97752011cac79912f9d79a095322da5c50a686b32c5c7bad2bb522d2b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame FB0E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H_brhPZH6DnPiOsMRS6WPVr3&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7K1T04KRH33XD2AXRKWZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame FB0E
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1705254430179&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=D2D50F43DC4546B49B24C3B39721A84F
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=D2D50F43DC4546B49B24C3B39721A84F
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=D2D50F43DC4546B49B24C3B39721A84F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 13 Jan 2024 17:47:10 GMT
merge
ce.lijit.com/ Frame FB0E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dc42e84...
  • https://ce.lijit.com/merge?pid=16&3pid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame FB0E
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4dca9d3d-e51e-51da-b17d-3e200c96feae
0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4dca9d3d-e51e-51da-b17d-3e200c96feae
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ce.lijit.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Server
nginx
Location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4dca9d3d-e51e-51da-b17d-3e200c96feae
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame FB0E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?3pid=AAFMHU7LSDwAABkQtba67w&pid=85&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AAFMHU7LSDwAABkQtba67w&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AAFMHU7LSDwAABkQtba67w&pid=85&gdpr=0
Date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame FB0E
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H_brhPZH6DnPiOsMRS6WPVr3&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=ZaQeHv013-SSJnjDWpzDE7dC
43 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=ZaQeHv013-SSJnjDWpzDE7dC
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
Aorta/20240110.a47e9006f
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=ZaQeHv013-SSJnjDWpzDE7dC
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
295b3205e33b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dcm
s.amazon-adsystem.com/ Frame 1D79 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=FEA477D7-E748-4899-82A8-124C1887F622&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GA9JRDEN3VW1B15D16W5
ecm3
s.amazon-adsystem.com/ Frame F9DE 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 Jan 2024 17:47:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KMZGWRNXR9YPWZ4N7P0R
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_qR31-dISJmCqBJMGIf2Ig%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=27163
accept-ranges
bytes
content-length
5622
expires
Mon, 15 Jan 2024 01:19:53 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9C11
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FEA477D7-E748-4899-82A8-124C1887F622
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=FEA477D7-E748-4899-82A8-124C1887F622
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttd_puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 9C11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20FEA477D7-E748-4899-82A8-124C1887F622&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 9C11 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=FEA477D7-E748-4899-82A8-124C1887F622&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 17:47:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-server-s2s.yellowblue.io/ Frame 9C11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVBNDc3RDctRTc0OC00ODk5LTgyQTgtMTI0QzE4ODdGNjIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
date
Sun, 14 Jan 2024 17:47:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9C11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3z9aTxZn-nEtyQUt8aFQE&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
date
Sun, 14 Jan 2024 17:47:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9C11
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A96578CE3156412C894FDA61369418DC
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
25
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
date
Sun, 14 Jan 2024 17:47:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9C11
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
date
Sun, 14 Jan 2024 17:47:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
FEA477D7-E748-4899-82A8-124C1887F622
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9C11 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FEA477D7-E748-4899-82A8-124C1887F622?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
62153750_c74e2aa1d92a613a149afbf9b845b47a_creative_def.js
s0.2mdn.net/ads/richmedia/studio/creative/62108353/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/creative/62108353/62153750_c74e2aa1d92a613a149afbf9b845b47a_creative_def.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23cb00f0b8285fd51a4f2b989f0dbe03c616ee1e53b5e500ca140642a8579ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 13:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1476
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 12:36:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 13:09:38 GMT
html_floating_rendering_lib_200_260.js
s0.2mdn.net/879366/ 		189 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_floating_rendering_lib_200_260.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab17be372bef91eb0e542a362ad0781ec3ad8e31bbcc606dafbbd38f6e618d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 00:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66975
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 21:01:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 00:12:52 GMT
container.html
a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 19EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:09 GMT
expires
Mon, 13 Jan 2025 17:47:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 19EB 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:24:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
397351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 03:24:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19EB 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 17:47:10 GMT
survey190118.html
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame 295F 		913 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_floating_rendering_lib_200_260.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7c877d99de88d1191c44385c76d8a7165de72da9126c9ac8b8dfee948d5251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
510
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:10 GMT
expires
Mon, 15 Jan 2024 17:47:10 GMT
last-modified
Tue, 31 May 2022 16:02:42 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubBzk_xuKGFkULS7BYLCvWbh16y2_eSNEhS0UEg4XDVayvx-zPfuZ_Y_L1R0CINaarqSwmv50xKIjJJAxRgHb-cweJgryP6CyoS37XIWk8r6hksQ2oKjw_4mwIVJ6c-qpeP8tvSIbXs7FSeFEPgVePrgntmv0cp18lqUUHfYCB86_Eq7bvuWZlpuy_Bw9B4j6ArGwbUuTX-pctf_SBQ3nl5qXnKnMo_l1AblDq53sTXYCKdXl4kegfJA1G9t_Nwg2KT2Uj5MuAkWa0_sYn9LB9ASPJX6zgXQsXSpge95dQoukfQSlMB_IL_LoUGrkbX_ZAa-6RskkwUxk7RLj0-78sxc7uLxhP0xv35-twQPVbpdbUmfDF7xDSzlcBISnXUVQX&sai=AMfl-YQf_HU1W0V55iNUkm6gHLJX1gWUMSHRXh8uMGUN1flEPxGSgZs-s74BV8ctLE1UErAdxdQhHazzZkVGrwio69uGO7FO1HNuSWN9qvzaRlxG9SpbTVvXyWenWVHE1pE&sig=Cg0ArKJSzMIFP5szdrFaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 31E7 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9049341740f1f9d0914e2cbd3942ca7d731b90c8413b9734239e87295c428a42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 17:47:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Jan 2024 11:04:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62248
Connection
keep-alive
Content-Length
10963
Expires
Mon, 15 Jan 2024 11:04:38 GMT
style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame 295F 		698 B
350 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f0c4b39d863ac2ca20e15b9ee2a177c5fea8e6b61c5065470c150a7280d39f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 13:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 13:09:38 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 295F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 12:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 12:10:41 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.9.3/ Frame 295F 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.9.3/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9cf86ce529e62f4bb189cdac035ee6f01bbecde9b0218b6a83d2672081a00eb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2702527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26490
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-165b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXATRxE8IOZUHzt5aXYPhIDDhqu%2FCirlVfUextntb1o%2BIQwTdoggMI2GNszK%2BISo6hoF%2BAKm6YJnjvh7Ez7J1XqsYYzj6X53PxHM4NmtjPLiXbMlMhr5Ac4qkO8QTdiJqT34STfSvs3sfkpaDuHHoYSR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8457b3df0b694bd3-BUF
expires
Fri, 03 Jan 2025 17:47:10 GMT
GuardianSurvey_DC.js
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame 295F 		656 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/GuardianSurvey_DC.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7b720f057b1dea4aaacbc3ca253abb9fde74b01d93ec13c4d086e1ec62df5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bQmFv9qDCU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 04:09:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 19EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXnyerN1qf5WKFXiT64XgOl-9jfj-BIANk3DZeOhzffvxqE_eRqXg2qTPgz-WeE1aLkKnMOUQdH-d8Kv0O3DoX-Dn4gbp5YMV_fb9pBpVhw4eV-XFI253SWNg47rnn5d_wL3QeEpQ_I9NaMu25wajlHO7XqrLgw7ZZt3Uu1ZCi-kDe_OIRMJzhMFtgNTtpeii-nu7_45TsK5RMcqLmwHqhqoL4O8IMPKFM328oCnNxfmwIE7AJzip-0-nLOi9V9QW4gOA7iQWoRl8LMUNtyfhD5-_jdLKfDe3ycBtNwfCsRFOd2tORM7OcPJZQtJPJvGXNmYvWauCr1R2ByOdbWMrrOWsXZcYn7dGFexu-qeOJOveSCEtuNG3S3lvtjHsRGLjySIt8Ww8j6jNYvYc&sai=AMfl-YTqSOaDoTVIIu0AD1ALy6Sa_MFcjkfHnPPPbZs0BLyJDZOwu411hA_gueIX8dw3wM9bbS2Ror8zu3YD73--CGpGCdr2G9WR6QKetVEiuZFVTaD8PjhnMYI8JRkNQA&sig=Cg0ArKJSzM7D9OD_PskMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GHGuardianHeadline-Medium.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ Frame 19EB 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
Origin
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
HHIQ3WeGDwVAN5VSRXOfuICG.s7kCaes
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
XYFZDYVXNY0XFW0Z
age
3911598
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2
fastly-restarts
1
x-amz-id-2
MwmEyD2ONQmc3FBx0GqDQdSTPqAKb9Iky79HZpA0sas01RW3fir10T/ZwwzP8jhbIN81uxFtjcs=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
16612
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254431.584277,VS0,VE0
etag
"08f5422d28aa5861fac0170cef914db8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3285
GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ Frame 19EB 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
Origin
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
Msu4H0RN5fNTmFpmsaDu.cipueaXmWBh
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
1DQAK2PM70TGV3QE
age
974571
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
fastly-restarts
1
x-amz-id-2
7Rlkf9+NVKN4CQTSEajwvc5E9I7MyfSv0xlm1DUVFfsfxttqpIS5mTN69ArLfCjq8GVM9cVLR7M=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
17376
last-modified
Fri, 10 Feb 2023 15:45:11 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254431.584276,VS0,VE0
etag
"227b6e4f26bef19d8f2815f6097b7b7c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3829
GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ Frame 19EB 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
Origin
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
GR28QTPWN427KVQP
age
3484594
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
fastly-restarts
1
x-amz-id-2
YxcvEWfwmlrVWIfDcUN+X7oVpB3u+OU5Aef+jOJBALTGeUnRMzIEzgaFBKqDcalXbFnIqtvPl5w=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
16492
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254431.584749,VS0,VE0
etag
"f5d54732577509c40f5a5a47f47aeab5"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3764
GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ Frame 19EB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
Origin
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
tKKp.XjpprpAViNnE3ezgGnqSJ6ReAZm
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
JENRHTH1XR2GDRWH
age
2709366
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
fastly-restarts
1
x-amz-id-2
ZL1/XVNPlTnP2oOU7OSr+tRGwnqqWtRpdbNxyHb3XJjS9OQpI76c4xCPbKGsY/gODgF6EFpNubM=
x-served-by
cache-nyc-kteb1890079-NYC
content-length
15416
last-modified
Fri, 10 Feb 2023 15:45:12 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1705254431.584725,VS0,VE0
etag
"5c9af23772b65de0d3f1fb8638c196b4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3878
truncated
/ Frame CBA2 		63 B
63 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Type
text/html
9380150788538314668
tpc.googlesyndication.com/simgad/ Frame 19EB 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9380150788538314668?
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa5a46c95e93d55aad64732ba9de2358ab39613e7670dd1123a6b166393ba66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 12:11:35 GMT
date
Wed, 10 Jan 2024 12:11:35 GMT
x-content-type-options
nosniff
age
365735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49130
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 13:00:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8785301583912193145
tpc.googlesyndication.com/simgad/ Frame 19EB 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8785301583912193145?
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f81f254f97a956e3452b130bf9a21ff4810194d89a05515581ff1fff89c9362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 00:00:49 GMT
date
Wed, 10 Jan 2024 00:00:49 GMT
x-content-type-options
nosniff
age
409581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123671
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 13:01:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
4388230904591631063
tpc.googlesyndication.com/simgad/ Frame 19EB 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4388230904591631063?
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f662d3de8af575bfcdbf0ea658a587e12355ed05c5a3245384cbb04e5b1ce347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 00:00:49 GMT
date
Wed, 10 Jan 2024 00:00:49 GMT
x-content-type-options
nosniff
age
409581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132833
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 13:02:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
17595829740164400145
tpc.googlesyndication.com/simgad/ Frame 19EB 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17595829740164400145?
Requested by
Host: a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
URL: https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8512a62bde2aa2a50bdd3d58eceebaabfadd325a0b81b144a3e3c34cf5a678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 01:41:18 GMT
date
Tue, 09 Jan 2024 01:41:18 GMT
x-content-type-options
nosniff
age
489952
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95010
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 13:02:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 19EB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39f9a5e3c64c05b4ab07da776e1898bdb4d023bf907aa14a1eacb9b9ac76b2c9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame 31E7 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
Background.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame 295F 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/Background.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e77d4745f8b8f60fd0bcccda0394c0eab1c2d2d4b6635cee2b1217d7fb893540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 13:09:38 GMT
x-content-type-options
nosniff
age
16652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65175
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 13:09:38 GMT
CloseButton.png
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame 295F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/CloseButton.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6835c345fd1f9c7c4df26045a8f4ed1ec7c602dc60fbc6d053bf992ad61ffda5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 13:09:38 GMT
x-content-type-options
nosniff
age
16652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1102
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 13:09:38 GMT
CTAButton.png
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame 295F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/CTAButton.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4a8f095c973333ba127ae2ab0681c2efa90ec432472cbc56401c7011814d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 13:09:38 GMT
x-content-type-options
nosniff
age
16652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4635
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 13:09:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 19EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus76-5nKY88H6AHeKWqlwcX1YQk0bLUGckopALFOfTHedcixRDsTCj5x2V2DC560H1cmx-BX_7ZL7LZyReR3FSbnDuRcnRGtfAH6FBNM_E1zuM4tZ3xcPgbVRux9aebTLlwhh7qVB0VblzRKswwfpDtwFHEoCYVm2Eo7Jjo-x-5Fov47tXBuS2qZ2ELyyFChaQ_UNQRo5GofPLY0LKTL3ElQUuFKPHxd5U80Xxzwn54KVWqRhOJhjkosr_83W4T99kYuO8So2jboMNbteW29ESX4AeqHA1a9lLJ0CnLUiSieseVCRBm-DpJPuad-pgUS5yR5u2clXkQJz28-IVZwR3EsVV6DhLVD8x2a31UCudXAs8xlT2M8JW3MalyrQLzqO6mBWup-TYzRwmxUh1lA&sai=AMfl-YStnUTUzfcKuGcYwO7158b3kBvF5cuyMUqITSR3lnDAWW76by4QWZfXxjCbtgyIY-pxDZHvMbsIK4-VOHJe7sFomAQ0WUHJ27GoMwVFZ5N14ff7mPVOX-qD9Whwhw&sig=Cg0ArKJSzEayGjdvZcmIEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 Jan 2024 17:47:10 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
85f0ea3b2226011e7bb03d720b74b7a84c7d9a316fdd86fdae14f8412f300c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-17825"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:47:10 GMT
usage
api.permutive.com/v2.0/tpd/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 14 Jan 2024 17:47:10 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
cs
cs.yellowblue.io/ Frame 31E7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LRDSGJFB-1J-5J51
  • https://cs.yellowblue.io/cs?aid=11590&id=LRDSGJFB-1J-5J51
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LRDSGJFB-1J-5J51
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LRDSGJFB-1J-5J51
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
log_event
www.youtube.com/youtubei/v1/ Frame B51D 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time
1705254430791
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/3V15ZwL63iI?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=2
X-YouTube-Client-Version
1.20240109.00.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
CgtKSVlMangwVFJFYyibvJCtBjIKCgJVUxIEGgAgCw%3D%3D
X-YouTube-Ad-Signals
dt=1705254428385&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C460%2C259&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
publishertag.prebid.148.js
static.criteo.net/js/ld/ 		0
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&performance=%7B%22dns%22%3A0%2C%22connection%22%3A63%2C%22firstByte%22%3A107%2C%22lastByte%22%3A42%2C%22domContentLoadedEvent%22%3A74%2C%22loadEvent%22%3A3429%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22nav3%22%2C%22nav2%22%2C%22main%20video%22%2C%22body%22%2C%22standfirst%22%2C%22meta-byline%22%2C%22share%22%2C%22social%22%2C%22most-viewed-video%22%2C%22related-content%22%2C%22related-stories%22%2C%22more-media-in-section%22%2C%22most-popular%22%2C%22footer%22%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&performance=%7B%22dns%22%3A0%2C%22connection%22%3A63%2C%22firstByte%22%3A107%2C%22lastByte%22%3A42%2C%22domContentLoadedEvent%22%3A74%2C%22loadEvent%22%3A3429%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&edition=US&performance=%7B%22dns%22%3A0%2C%22connection%22%3A63%2C%22firstByte%22%3A107%2C%22lastByte%22%3A42%2C%22domContentLoadedEvent%22%3A74%2C%22loadEvent%22%3A3429%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%2C%22assetsPerformance%22%3A%5B%7B%22name%22%3A%22standard%20boot%22%2C%22timing%22%3A410%7D%2C%7B%22name%22%3A%22commercial%20request%22%2C%22timing%22%3A426%7D%2C%7B%22name%22%3A%22commercial%20boot%22%2C%22timing%22%3A555%7D%2C%7B%22name%22%3A%22enhanced%20request%22%2C%22timing%22%3A424%7D%2C%7B%22name%22%3A%22enhanced%20boot%22%2C%22timing%22%3A499%7D%5D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401090101&st=env
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87da84bc420de976849b1b4918aad5d2db40001ea2fc1698df87f99cd123b824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12261
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 14F7 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Kestrel
server-processing-duration-in-ticks
704931
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
dcm
aax-eu.amazon-adsystem.com/s/ Frame 31E7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8R56K77GS37MG8HD9BKP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 31E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NSX52QmjiRQqz7Yfk6LQicn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zc0VAcFE2oJA9yp7llFmPO3f_.TKTMY1V8.HHQ--~A
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zc0VAcFE2oJA9yp7llFmPO3f_.TKTMY1V8.HHQ--~A
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zc0VAcFE2oJA9yp7llFmPO3f_.TKTMY1V8.HHQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 31E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJEU0dKRkItMUotNUo1MQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELU6WJXZW6KQcJ-igRjWQ0Q&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJEU0dKRkItMUotNUo1MQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJEU0dKRkItMUotNUo1MQ==&google_push=
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJEU0dKRkItMUotNUo1MQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
setuid
px.ads.linkedin.com/ Frame 31E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRDSGJFB-1J-5J51
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRDSGJFB-1J-5J51
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4CD2B493B2354EA9A4993291C6BB48C8 Ref B: EWR311000102031 Ref C: 2024-01-14T17:47:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO63ydK+YEFE6fwpcsqQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRDSGJFB-1J-5J51
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 31E7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=&expires=30
date
Sun, 14 Jan 2024 17:47:10 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 31E7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ku9olBYRTqq2CDkGvK2xVQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ku9olBYRTqq2CDkGvK2xVQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ku9olBYRTqq2CDkGvK2xVQ
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QSNX7VREHT91R3CCVEG3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ku9olBYRTqq2CDkGvK2xVQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 31E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbYVvkmtxDL3m3guHx5Fs0&google_cver=1
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbYVvkmtxDL3m3guHx5Fs0&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbYVvkmtxDL3m3guHx5Fs0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 31E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRDSGJFB-1J-5J51&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRDSGJFB-1J-5J51&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BDFGV2JE9CMQTH30VMKP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRDSGJFB-1J-5J51&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
pixel
cm.g.doubleclick.net/ Frame 31E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk1NWZmZjNhYTZhYWM4ZTE0YjQwM2M5MmQwZDhiYzgyMTZhNjYzMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk1NWZmZjNhYTZhYWM4ZTE0YjQwM2M5MmQwZDhiYzgyMTZhNjYzMw
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk1NWZmZjNhYTZhYWM4ZTE0YjQwM2M5MmQwZDhiYzgyMTZhNjYzMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 31E7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMHU7LSDwAABkQtba67w&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMHU7LSDwAABkQtba67w&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMHU7LSDwAABkQtba67w&expires=30
Date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 31E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRDSGJFB-1J-5J51
0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRDSGJFB-1J-5J51
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRDSGJFB-1J-5J51
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
merge
ce.lijit.com/ Frame 31E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LRDSGJFB-1J-5J51
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRDSGJFB-1J-5J51
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LRDSGJFB-1J-5J51
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
v1
match.sharethrough.com/sync/ Frame 31E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRDSGJFB-1J-5J51
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRDSGJFB-1J-5J51
Protocol
H2
Server
34.224.134.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-134-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRDSGJFB-1J-5J51
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 31E7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=526c168f-3361-4ec8-a1b9-dce7246afa61&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=526c168f-3361-4ec8-a1b9-dce7246afa61&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=526c168f-3361-4ec8-a1b9-dce7246afa61&expires=30
Date
Sun, 14 Jan 2024 17:47:11 GMT
Connection
keep-alive
X-CI-RTID
7c807b27-1869-4164-a64b-acf1db30e28a
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 31E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRDSGJFB-1J-5J51
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRDSGJFB-1J-5J51
Protocol
H2
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
an-x-request-uuid
217f1270-3b61-42ee-8276-8f9befca7be1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRDSGJFB-1J-5J51
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 31E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRDSGJFB-1J-5J51
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRDSGJFB-1J-5J51
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRDSGJFB-1J-5J51&ckls=true&ci=2WArcIqglP&nc=false&trid=-1522055582
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRDSGJFB-1J-5J51&ckls=true&ci=2WArcIqglP&nc=false&trid=-1522055582
Protocol
H2
Server
54.192.51.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-45.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
rip0A47aTSE-DH-ktMre2JmYj_cd5f2ayMnmMzD8dzfq_qh2dsl-Tw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
via
1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRDSGJFB-1J-5J51&ckls=true&ci=2WArcIqglP&nc=false&trid=-1522055582
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
FrExVsl-k3O9T1vJSrfN0Kyzl5ErqVSjVl0nDi4mzTbkmsuBeGYHBQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10249&sessionId:97732af5-e3b6-f615-4d4f-9a45ac769297&err:responsetime%3A481%26probability%3A10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.89.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-89-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
server
nginx
x-server-name
app40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sid
mug.criteo.com/ Frame 14F7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=LLUjs3xQa1dOUlFvT2dGTWw4RmJkcXlPNUN4bkdDYW1XT21wdHBYSmk4eXM4eHE1QksrNVVNVFBRTGxHaFNyNDFmaXViZVFtTXY0Z0p0eUhHUGxMditkM2N4c1VNSGVNOHNUYjhtbFgxaXFYZUNLcVRUcG44T1RwUVlzcz...
425 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LLUjs3xQa1dOUlFvT2dGTWw4RmJkcXlPNUN4bkdDYW1XT21wdHBYSmk4eXM4eHE1QksrNVVNVFBRTGxHaFNyNDFmaXViZVFtTXY0Z0p0eUhHUGxMditkM2N4c1VNSGVNOHNUYjhtbFgxaXFYZUNLcVRUcG44T1RwUVlzczdJK0xlUmZ6QXB3Y2themJxRklQNG1zc01HNlBDanNwRC8ydlhLd1FIRUlaVm00eWhhY1RnYXBPUWFKWHhEUmo2WXkxd2NhTUxhNStsTEtHSXY5TGZUVkpPeGYvT0NXRkpDTnhYTFVUODRsUisvSHRyWGFBazZlRGoxak9sNm5wd0Y0RWlrczJBQkEzYXh3RGFXK3pNMVdYa0RTY1E1amVHT0VNanFMek93bjQzZ1k0WVhzRT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ce2bcf3b6054a79cf1970c4a5ccb7e9423e424b85fa4f2faba27045fa99d86d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2018630
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LLUjs3xQa1dOUlFvT2dGTWw4RmJkcXlPNUN4bkdDYW1XT21wdHBYSmk4eXM4eHE1QksrNVVNVFBRTGxHaFNyNDFmaXViZVFtTXY0Z0p0eUhHUGxMditkM2N4c1VNSGVNOHNUYjhtbFgxaXFYZUNLcVRUcG44T1RwUVlzczdJK0xlUmZ6QXB3Y2themJxRklQNG1zc01HNlBDanNwRC8ydlhLd1FIRUlaVm00eWhhY1RnYXBPUWFKWHhEUmo2WXkxd2NhTUxhNStsTEtHSXY5TGZUVkpPeGYvT0NXRkpDTnhYTFVUODRsUisvSHRyWGFBazZlRGoxak9sNm5wd0Y0RWlrczJBQkEzYXh3RGFXK3pNMVdYa0RTY1E1amVHT0VNanFMek93bjQzZ1k0WVhzRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
458944
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 17:47:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 345C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
141432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 02:29:59 GMT
expires
Sun, 12 Jan 2025 02:29:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F704 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4cff692f1ec9e8d1518cbadbd290bd35c023a8949667565e871c13dc9cd75aad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uzGv0Ix2252XuZgTHELwOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uzGv0Ix2252XuZgTHELwOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:47:11 GMT
expires
Sun, 14 Jan 2024 17:47:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&adUnitWasHidden=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame F704 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401090101&jk=2719913891048784&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 345C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:29:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
141432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 02:29:59 GMT
generate_204
tpc.googlesyndication.com/ Frame 345C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?92P_Dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame BBC7 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time
1705254431272
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/9VBoIYxpsKY?embed_config=%7B%22relatedChannels%22%3A%5B%5D%2C%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Fvideo%2Fng%22%2C%22cust_params%22%3A%22amtgrp%253D6%2526fr%253D1%2526consent_tcfv2%253Dna%2526rdp%253Df%2526pa%253Dt%2526ct%253Dvideo%2526url%253D%25252Fworld%25252Fvideo%25252F2023%25252Fdec%25252F28%25252Frussian-stars-semi-naked-party-sparks-wartime-backlash-video-report%2526su%253D0%2526edition%253Dus%2526tn%253Dnews%2526p%253Dng%2526k%253Deurope-news%252Crussia%2526sh%253Dhttps%25253A%25252F%25252Fwww.theguardian.com%25252Fp%25252Fpk632%2526dcre%253Df%2526rc%253D4%2526rp%253Ddotcom-platform%2526s%253Dworld%2526sens%253Df%2526urlkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%2526allkw%253Drussian%252Cstars%252Csemi%252Cnaked%252Cparty%252Csparks%252Cwartime%252Cbacklash%252Cvideo%252Creport%252Ceurope-news%252Crussia%2526ab%253DSignInGateMainVariant-main-variant-5%2526cc%253DUS%2526pv%253Dlrdsgh6lgipstxyb1dt8%2526si%253Df%2526bp%253Ddesktop%2526skinsize%253Dl%2526inskin%253Df%2526permutive%253D%22%7D%2C%22restrictedDataProcessor%22%3Afalse%7D%7D&enablejsapi=1&origin=https%3A%2F%2Fwww.theguardian.com&widgetid=1
X-YouTube-Client-Version
1.20240109.00.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
CgtKSVlMangwVFJFYyibvJCtBjIKCgJVUxIEGgAgCw%3D%3D
X-YouTube-Ad-Signals
dt=1705254428370&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a0e897e9d98026dd901cabebdf3debaf570f157f68ce206b051c713544efc317

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401090101&jk=2719913891048784&bg=!gIOlg8zNAAaumcC-jpk7ADQBe5WfOOAEIFWJTQ8MG84l70PUXpRS5OjpYym8A8FJCAOX0Dd4j2expSsOuR6h-sw0hC3sAgAAAE9SAAAABGgBBwoAqhyXyCUCIavrVgCKaSYEEEPGxSySZCM4BWT9pwb5yw0hrYYVvPeHomXYrMEQ750rRtt4HtSg7RFlIB69SO594mU9-y6HP4ewvv5bxO_fE2T3RlIRHcyLQGTIcS5nkBCr9bVjNzrqF4irOl_Psb1sOMt4JOL2M4oHkCXK7wENp-aa1YoKtBJH0wgG4aV9YxQ-k6a6dMZTc6oE5iOGhe5QX0gf7yYRo_6JgkU7mQLJ_PL0bxYZi5f2LOeeItt0ZqlTrSggtu4WmfcG2TNHovAgEP2-B1CfL1JQViuLLAbFPIaGe2p3evh7tV7jAzn2aSSZtJlUaNpJiq01exyqvxHtwRAp8Wl2R8zU0Yxe1cWxcLu1rcJzhQt4BOsl8Y_lvriK13PabGoFN2bzk-rbn3yJriDgQd8uCvwjx4EcdeWBWocInkUkXboudisnbBhfMIIuZRuQOg7bhRHkyw4hybXwl4nKmfu3gwrClBzOE6MoWZQJharVXTBnDUlV74B5rsshjzxbBHkxIWQ0dZPNUn2H496Ys3YOcdHHQNOf0loUMnDQ_ipxWGuunBL81Ps18WPAcArJxiXV898x7V4hEbu43BgIfzBoNhAMPoVUqrdqChp7hJ7zYoR8edD8NbO5NPNwyG09gSvIHQKdiH4fYry2bZgwRK15Utvitjbp_2cdhd2NK4qTgmR82TV6Iq3vR_L2nOzxHMgIw5GwgYH2FFGemvGzXzsQrj9lLMIho5EYRTR6qVnxkVpw6Ha6ojB4_FE1SmlzzlFQsAynorcPPUsMlpvXQZymlWrIjuNjbALybBAu5TwegsA00J2bqvqqQRThV8fBXLqwVL0R3JfUKoS6tjkGvjd98Mg13JDWhEAQGDOrGxB4XnwTQv8UdvFoe22zgjVfa9Vl-2hfq4jHf5TzvfVJbJslOQB9R-i4a9-TCC2-jSBAYNY6b1tGZBtTVxS2vj558zosvoOnwpKGR8_RGUaZhdL1OpbRKgF9JpeyaPnd9udXj0UcOxkN0YToPC_N8xBOuUsZOnbQvDur-kkDG2gKlKlcYOrH9B1XxFLkb-OZsvGm_Vqnm0tU6kuN06_j81tWAGxnJ58Y7UpuP62sv659cFo6KQdLVS6UNu81P2ZjqNJwbWKeoXmU-xHgpMOQjkfLbaCrcPI3KU-cj7SV_C2GR4t_qXc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/f05c0302673e56da3561/graun.standard.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 14 Jan 2024 17:47:11 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
SPug
simage4.pubmatic.com/AdServer/ Frame 9C11 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lrdsgh6lgipstxyb1dt8&register=%5B%7B%22name%22%3A%22related-content%22%2C%22status%22%3A%22completed%22%2C%22endTime%22%3A%222264ms%22%7D%2C%7B%22name%22%3A%22tonal-content%22%2C%22status%22%3A%22unfinished%22%7D%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.52.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-52-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7E6B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27161
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 14 Jan 2024 17:47:12 GMT
expires
Mon, 15 Jan 2024 01:19:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame 319B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f125a14acbaedfc35b2cdd3ec7a772626dd6e70c29cff8d188fa2998aeaef5

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8457b3ecafd4398a-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
expires
0
last-modified
Mon, 08 Jan 2024 10:00:08 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
sync
eb2.3lift.com/ Frame 5832 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4b7f2e32a50c61ed06c165c6a495bb258b9d2296c629331e5ade48a3f5564eae

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 5B09 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
314
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8457b3ecfd0d36a7-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 17:47:12 GMT
expires
Sun, 14 Jan 2024 21:47:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi
49 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk&pi=sonobi
pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT, Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-236313501&pcid=$UID
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-236313501&pcid=8114484655641338530
43 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-236313501&pcid=8114484655641338530
Protocol
H2
Server
3.161.213.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-49.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
via
1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
kBEVn2HADTPSlHdMKyOKrp1xkkizX13ZQySk8473SE_rfRFL2GWdlg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
an-x-request-uuid
1f465038-fe2d-40b6-b626-e0937bc802e5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-236313501&pcid=8114484655641338530
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ibs:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
dpm.demdex.net/ 		42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.216.208.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-208-235.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0ccda2445.edge-va6.demdex.com 1 ms
pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
WymnWHp4SqY=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8114484655641338530&pt=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8114484655641338530&pt=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
an-x-request-uuid
fd6fb0b3-5e03-47fe-bc8c-0cb2db04716f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8114484655641338530&pt=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb%2C%2C
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
49 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=opMFXkmpB964
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-dq6dw
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=d089631d2d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=d089631d2d
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=d089631d2d
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&pubid=d089631d2d
date
Sun, 14 Jan 2024 17:47:12 GMT
server
Kestrel
content-length
227
ID1=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ccb77f3d-a741-0308-3bca-cb6714ef7438
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ccb77f3d-a741-0308-3bca-cb6714ef7438
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 14 Jan 2024 17:47:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ccb77f3d-a741-0308-3bca-cb6714ef7438
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792
  • https://sync.go.sonobi.com/us.gif?nuid=OPU0a0579c9338846899ced80fe1f7157bd&nw=oa
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nuid=OPU0a0579c9338846899ced80fe1f7157bd&nw=oa
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://sync.go.sonobi.com/us.gif?nuid=OPU0a0579c9338846899ced80fe1f7157bd&nw=oa
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
107
expires
Mon, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1791377155905026303
Date
Sun, 14 Jan 2024 17:47:12 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7020910070686028027&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 14 Jan 2024 17:47:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDNiZjZlYzEtOGIxZi00MzlhLWJhMjEtM2E5NTZkODRjNDJk
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEL3fSV-ir42jBpodRnk1C8A&google_cver=1
49 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEL3fSV-ir42jBpodRnk1C8A&google_cver=1
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEL3fSV-ir42jBpodRnk1C8A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SV20GBYDHQPWBV178J1W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
49 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9Son5ZY7UStD4HYH8estYmAJ-SY
Date
Sun, 14 Jan 2024 17:47:12 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
10.gif
id5-sync.com/c/434/1246/0/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=03bf6ec1-8b1f-439a-ba21-3a956d84c42d&gdpr=0&gdpr_consent=&us_privacy=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F8%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/8/2.gif?puid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-7c2fdvQJO-C6sQt6xBQEqQz2PXOhf4zzmefg2dYZ-A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/7/3.gif?puid=1ae751c3-97ba-42a2-bacf-a4f214c82bfa&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/6/4.gif?puid=e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAFMHU7LSDwAABkQtba67w&id5AccountNum=155&numCascadesAllowed=9
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F4%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/4/6.gif?puid=86e1f13e-635d-474f-9ff2-de0c76f493c2&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/3/7.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/3/7.gif?puid=8114484655641338530&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=27&3pid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1245%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/434/1245/1/9.gif?puid=H_brhPZH6DnPiOsMRS6WPVr3&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=8114484655641338530&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
  • https://id5-sync.com/c/434/1246/0/10.gif?puid=H_brhPZH6DnPiOsMRS6WPVr3&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/434/1246/0/10.gif?puid=H_brhPZH6DnPiOsMRS6WPVr3&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 14 Jan 2024 17:47:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 17:47:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/434/1246/0/10.gif?puid=H_brhPZH6DnPiOsMRS6WPVr3&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-53
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
an-x-request-uuid
cbeccebf-6b91-47e1-ae6e-47c498648f4c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=8114484655641338530
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=f36c96ff-27d2-4332-a53e-ba507f4b35ec&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sun, 14 Jan 2024 17:47:12 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc2NzI2ODk1NTIzNzcyNTQ0NTA2Ng%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYtqvgRrmkszfD1EOG5bA0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYtqvgRrmkszfD1EOG5bA0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYtqvgRrmkszfD1EOG5bA0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5832
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc2NzI2ODk1NTIzNzcyNTQ0NTA2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc2NzI2ODk1NTIzNzcyNTQ0NTA2Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc2NzI2ODk1NTIzNzcyNTQ0NTA2Ng%3D%3D
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5832 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2767268955237725445066&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9F372548F30347CCB9173BAADAB3B585 Ref B: EWR311000102031 Ref C: 2024-01-14T17:47:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO63y4+9rgddF6xrh23Q==
xuid
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2767268955237725445066?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-FyULFTpE2oTF3nRXJDrwg3mmAVigKZFc9jCZozj34g--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-FyULFTpE2oTF3nRXJDrwg3mmAVigKZFc9jCZozj34g--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 14 Jan 2024 17:47:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-FyULFTpE2oTF3nRXJDrwg3mmAVigKZFc9jCZozj34g--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2767268955237725445066&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=7fa1b14f-0035-4358-a1a5-33197ff54bf5&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=5b22f7fc-0d41-4fe3-9bfb-7c0697e28b88&ssp=triplelift&expires=30&user_group=5&bsw_param=7fa1b14f-0035-4358-a1a5-33197ff54bf5
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 17:47:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=7fa1b14f-0035-4358-a1a5-33197ff54bf5&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 14 Jan 2024 17:47:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=86e1f13e-635d-474f-9ff2-de0c76f493c2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=86e1f13e-635d-474f-9ff2-de0c76f493c2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:11 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=86e1f13e-635d-474f-9ff2-de0c76f493c2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
972230
content-length
0
expires
Sun, 14 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5832
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8114484655641338530&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8114484655641338530&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
an-x-request-uuid
56151978-fa59-42d2-84b0-d6a24b245e83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=8114484655641338530&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5832 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2767268955237725445066
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
an-x-request-uuid
9de5a18f-c84d-43ed-8c5c-e478363f5d73
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 319B 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8457b3ed8e616aed-BUF
cookie_sync
elb.the-ozone-project.com/ Frame 319B 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd741ddba410c2881bd5607e39e79f604982485cbe8d4c3de663b35667b0c04

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8457b3ed28e0398a-YYZ
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7E6B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17718603&p=157206&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
12b06a4e5239f0b660b1b2e4420267e6e93769ef0db44c868ac887ad8abc2988

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 17:47:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7D5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27161
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 14 Jan 2024 17:47:12 GMT
expires
Mon, 15 Jan 2024 01:19:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame F4CC 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 Jan 2024 17:47:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ER65QPVNC1EJKB0EF44B
Pug
simage2.pubmatic.com/AdServer/ Frame 7434
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f2d4fe50-b304-11ee-b07a-530754f5bf46
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f2d4fe50-b304-11ee-b07a-530754f5bf46
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 Jan 2024 17:47:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 14 Jan 2024 17:47:13 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f2d4fe50-b304-11ee-b07a-530754f5bf46
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
Pug
image2.pubmatic.com/AdServer/ Frame A2BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGTUhVN0xTRHdBQUJrUXRiYTY3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAFMHU7LSDwAABkQtba67w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFMHU7LSDwAABkQtba67w&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFMHU7LSDwAABkQtba67w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4695284997587168214&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAFMHU7LSDwAABkQtba67w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D4695284997587168214%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=4695284997587168214&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMHU7LSDwAABkQtba67w&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMHU7LSDwAABkQtba67w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 14 Jan 2024 17:47:13 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMHU7LSDwAABkQtba67w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame AD58
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8114484655641338530&gdpr=0&gdpr_consent=
42 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8114484655641338530&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a8d1219e-ab53-44b7-87a8-623d9821273e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8114484655641338530&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
96.9.249.38; 96.9.249.38; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
insync
thrtle.com/ Frame 7E6B
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e378c25f-9f0c-4dd9-8679-b8561cec8153
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e378c25f-9f0c-4dd9-8679-b8561cec8153
Protocol
H2
Server
34.224.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-207-11.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 14 Jan 2024 17:47:13 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e378c25f-9f0c-4dd9-8679-b8561cec8153
date
Sun, 14 Jan 2024 17:47:13 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 7E6B 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 7E6B 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-81-23.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:13 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 7E6B 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.192.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-192-2.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 14 Jan 2024 17:47:12 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7E6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3z9aTxZn-nEtyQUt8aFQE&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3z9aTxZn-nEtyQUt8aFQE&google_cver=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3z9aTxZn-nEtyQUt8aFQE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7E6B
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A96578CE3156412C894FDA61369418DC
42 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A96578CE3156412C894FDA61369418DC
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 Jan 2024 17:47:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 14 Jan 2024 17:47:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A96578CE3156412C894FDA61369418DC
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 13 Jan 2024 17:47:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7E6B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
42 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 Jan 2024 17:47:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
date
Sun, 14 Jan 2024 17:47:12 GMT
server
Kestrel
content-length
355
501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7E6B 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/501E6AEA-3A84-442E-BCEE-D90CC43CF6D6?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 7E6B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=501E6AEA-3A84-442E-BCEE-D90CC43CF6D6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vJeFZDNE2uUKPUq4BYClk34YP.kQC9Q-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vJeFZDNE2uUKPUq4BYClk34YP.kQC9Q-~A&gdpr=0
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vJeFZDNE2uUKPUq4BYClk34YP.kQC9Q-~A&gdpr=0
date
Sun, 14 Jan 2024 17:47:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7E6B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=526c168f-3361-4ec8-a1b9-dce7246afa61&gdpr=0&gdpr_consent=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=526c168f-3361-4ec8-a1b9-dce7246afa61&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 17:47:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=526c168f-3361-4ec8-a1b9-dce7246afa61&gdpr=0&gdpr_consent=
Date
Sun, 14 Jan 2024 17:47:12 GMT
Connection
keep-alive
X-CI-RTID
1a553e27-c744-46f8-a377-9f2474b6609f
Content-Length
205
Content-Type
text/html; charset=utf-8
setuid
elb.the-ozone-project.com/ Frame 319B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZaQeHRs-KDzESOWdA5s7IQAA%26503
0
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZaQeHRs-KDzESOWdA5s7IQAA%26503
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8457b3ee6adf398a-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adohIGevqaVlCHTAyuXg4bgXQBQ%2FLg9wWKjjfbGyFm904u%2Bkanwq7caDg0I4Vt7bpqtduPFQPWSDkWN7ikGe43iow%2BmYwgajlO2e%2FMJ0sP3ZKn1pyN9AnkIDA7l5Y0hkOpicVXBW"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZaQeHRs-KDzESOWdA5s7IQAA%26503
cache-control
no-cache
cf-ray
8457b3ee0f6436aa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame 319B
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ae751c3-97ba-42a2-bacf-a4f214c82bfa
0
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ae751c3-97ba-42a2-bacf-a4f214c82bfa
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 17:47:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8457b3f02e05398a-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ae751c3-97ba-42a2-bacf-a4f214c82bfa
access-control-allow-origin
*
date
Sun, 14 Jan 2024 17:47:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pbs-user-sync
ads.stickyadstv.com/ Frame 7A22 		352 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1705254429645&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
844567481f0904dd399cb814af7779f43b6d5230d17419d7e93b8ee46f012b64

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Date
Sun, 14 Jan 2024 17:47:13 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1705254433373025-272
pixie
jelly.mdhv.io/v4/ Frame 9F88
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5ecef7acd4848427cfbe727e50671f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume914a_7324575840724119086&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAFMHU7LSDwAABkQtba67w&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWVjZWY3YWNkNDg0ODQyN2NmYmU3MjdlNTA2NzFm&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECMoDkg8ukLV_BqEB8oAtPs&google_cver=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5ecef7acd4848427cfbe727e50671f?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-uKdpn5tE2oNK0oGWzx5jRR3Z5CCPN6KPjG2qEi.h~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f36c96ff-27d2-4332-a53e-ba507f4b35ec&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=8114484655641338530&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=XtgZSJgx1Rp4zM5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3605806&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=526c168f-3361-4ec8-a1b9-dce7246afa61
  • https://jelly.mdhv.io/v4/pixie?
0
0
setuid
elb.the-ozone-project.com/ Frame 34EF 		0
902 B 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5ecef7acd4848427cfbe727e50671f
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8457b3f0df68398a-YYZ
content-length
0
date
Sun, 14 Jan 2024 17:47:13 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 7E6B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157206&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 17:47:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.148.js
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| isModernBrowser boolean| supportsModules function| guardianPolyfilled boolean| shouldEnhance object| guardian string| pillar object| webpackChunk_guardian_frontend object| regeneratorRuntime object| fastdom object| guCmpHotFix function| guardianPolyfilledImport function| __uspapi object| _sp_queue object| _sp_ object| webpackChunk_guardian_commercial object| _sp_wp_jsonp function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| GoogleAnalyticsObject function| ga object| googletag object| permutive object| apstag object| _comscore function| twq object| pbjsChunk object| pbjs object| _pbjsGlobals object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| twttr object| confiant object| _aps boolean| apstagLOADED object| apscustom function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ggeac object| google_js_reporting_queue object| COMSCORE object| ns_p boolean| creativeVendorLibraryLoaded object| brandmetrics function| __assign object| _brandmetrics undefined| google_measure_js_timing object| Criteo function| __spreadArray object| apntag number| google_unique_id function| confiantDfpWrap object| studioV2 object| studio object| THIRD_PARTY_TYPES_TO_PING_AT_IMPRESSION_TIME function| getVPAIDAd object| closure_lm_274665 number| closure_uid_841862411 object| studioV2_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_148 object| Criteo_prebid_148 object| GoogleGcLKhOms object| google_image_requests

250 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ-N_WyNAxCgoIkQIQ-N_WyNAxCgoItAIQ-N_WyNAxCgoI5gEQ-N_WyNAxCgoIhwIQ-N_WyNAxCgoItwIQ-N_WyNAxCgkIOhD439bI0DEKCgiMAhD439bI0DEKCQhfEPjf1sjQMQoJCB8Q-N_WyNAx
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARD8Fg
.theguardian.com/ Name: GU_mvt_id
Value: 609853
www.theguardian.com/ Name: GU_geo_country
Value: US
.youtube.com/ Name: YSC
Value: nLhI4pkmMH0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JIYLjx0TREc
.theguardian.com/ Name: bwid
Value: idFromPV_tEb5qJ-RM9kev-yJdXQlEQ
.theguardian.com/ Name: bwid_withoutSameSiteForIncompatibleClients
Value: idFromPV_tEb5qJ-RM9kev-yJdXQlEQ
.theguardian.com/ Name: dnsDisplayed
Value: undefined
.theguardian.com/ Name: ccpaApplies
Value: true
.theguardian.com/ Name: signedLspa
Value: undefined
.theguardian.com/ Name: ccpaUUID
Value: 3e958a55-cfed-448a-a02d-ccd8173caff0
.theguardian.com/ Name: _ga
Value: GA1.2.209642913.1705254428
.theguardian.com/ Name: _gid
Value: GA1.2.1871103030.1705254428
.theguardian.com/ Name: _gat_allEditorialPropertyTracker
Value: 1
.t.co/ Name: muc_ads
Value: c5dc4a6d-2e7c-4601-8004-e6ea771b66aa
.scorecardresearch.com/ Name: UID
Value: 1EEc67bfffe0e2caed6ab281705254428
.twitter.com/ Name: personalization_id
Value: "v1_VySokdpfeOn2KCTRvDzFew=="
.theguardian.com/ Name: permutive-id
Value: 7a1e7ec3-dcb9-4b65-9467-08d01785ebef
.d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/ Name: pxid
Value: 2f91a9e2-6f17-43c9-8911-cddbfb4147a9
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.go.sonobi.com/ Name: __uis
Value: 03bf6ec1-8b1f-439a-ba21-3a956d84c42d
.go.sonobi.com/ Name: _usd_theguardian.com
Value: lrdsgh6lgipstxyb1dt8
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 32719628
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 32719628
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 32719628
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 32719628
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 32719628
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 32719628
.go.sonobi.com/ Name: HAPLB8G
Value: s8653|ZaQeI
.kargo.com/ Name: ktcid
Value: c5e2e7c9-9a43-0251-1114-1c374349b859
.3lift.com/ Name: tluid
Value: 2767268955237725445066
.the-ozone-project.com/ Name: __cf_bm
Value: 0W_iv38jDbg1bzelY2_GiutQjs9LgjQDFWaN_si05pg-1705254429-1-AfWs0kzPGpRav/VcAbUoBdy+jT18EPtiVywz1cmdNJljGbykdbzxwB2gnmtlgNm5TD0q/SoAz/AL1BrwhGoMWXQ=
.amazon-adsystem.com/ Name: ad-id
Value: A8nAiXstPEa0nqjcZc2-Nv4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 8114484655641338530
.casalemedia.com/ Name: CMID
Value: ZaQeHRs-KDzESOWdA5s7IQAA
.casalemedia.com/ Name: CMPS
Value: 503
.casalemedia.com/ Name: CMPRO
Value: 503
.smartadserver.com/ Name: pid
Value: 4695284997587168214
.go.sonobi.com/ Name: __uqc
Value: 1
.openx.net/ Name: i
Value: 4add3f02-c381-0a9f-3e65-837c4953261d|1705254430
.yellowblue.io/ Name: wrvUserID
Value: Ug5Nczx-kp_s
.openx.net/ Name: pd
Value: v2|1705254430|vMgavPkWgy
.onetag-sys.com/ Name: OTP
Value: 3tuo6xT5HFyrqHypndG9ZlzD5uLrXH4KwXB_eb4xjlA
.lijit.com/ Name: ljt_reader
Value: H_brhPZH6DnPiOsMRS6WPVr3
.go.sonobi.com/ Name: __uin_an
Value: 8114484655641338530
.doubleclick.net/ Name: IDE
Value: AHWqTUmpRdEPsxC_G_FzfGcl5kx6qsalGZBkMWtgWj5At_O9qzWpCYjU56vepT7SHc0
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NbU0MDUwMjM2MBbiM9RNDjSr8E3xz_Qx8c0AAPi7fwQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NbU0MDUwMjM2MBbiM9RNDjSr8E3xz_Qx8c0AAPi7fwQlAAAA
.contextweb.com/ Name: V
Value: opMFXkmpB964
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9b837a58ba7e7804
.adsrvr.org/ Name: TDID
Value: f36c96ff-27d2-4332-a53e-ba507f4b35ec
.adform.net/ Name: C
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212420986209561%3As1%3D1705254430190%3Ats%3D1705254430190
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDcwMzEzMTA20FEyQuVamKDxTVH5hgYoGmoBkjYQHw%3D%3D
.demdex.net/ Name: demdex
Value: 58671835483808920232550995720394473524
.sharethrough.com/ Name: stx_user_id
Value: 7f17f30d-3f49-483a-87e9-c12bf3b9abf2
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f52a27e5-963b-512b-43e0-7607f1eb2d62.zU1wI4b4BwIaQZP18BuftMDGkozvxChl2Kox3LzYaLY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f52a27e5-963b-512b-43e0-7607f1eb2d62.zU1wI4b4BwIaQZP18BuftMDGkozvxChl2Kox3LzYaLY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9Son5ZY7UStD4HYH8estYmAJ-SY.sBJJ%2Fn9xxMeSR0u8Ol1Fp6eeOvN%2BaqTDTd7XSfmmxYI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9Son5ZY7UStD4HYH8estYmAJ-SY.sBJJ%2Fn9xxMeSR0u8Ol1Fp6eeOvN%2BaqTDTd7XSfmmxYI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdibiP5baNw__d6nb7zz9ewuzmnLmdXh0zaYLwTYwb9EHwYBCCevJCtBjABOgRvD7diQgT2DtdP.%2BhDS%2BoQrShzCplsBk2%2BYvhJTUEKrmIpb26awr%2Bhrllo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdibiP5baNw__d6nb7zz9ewuzmnLmdXh0zaYLwTYwb9EHwYBCCevJCtBjABOgRvD7diQgT2DtdP.%2BhDS%2BoQrShzCplsBk2%2BYvhJTUEKrmIpb26awr%2Bhrllo
.bidswitch.net/ Name: tuuid
Value: 7fa1b14f-0035-4358-a1a5-33197ff54bf5
.bidswitch.net/ Name: c
Value: 1705254430
.bidswitch.net/ Name: tuuid_lu
Value: 1705254430
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
.liadm.com/ Name: lidid
Value: 34ae49e4-5502-4fba-8e35-decc144ebe14
.go.sonobi.com/ Name: __uin_zt
Value: 1791377155905026303
.adform.net/ Name: uid
Value: 7020910070686028027
.dpm.demdex.net/ Name: dpm
Value: 58671835483808920232550995720394473524
.go.sonobi.com/ Name: __uin_st
Value: 9Son5ZY7UStD4HYH8estYmAJ-SY
.mathtag.com/ Name: uuid
Value: a5e265a4-1e1e-4f00-9280-198e628bf0f4
.go.sonobi.com/ Name: __uin_td
Value: f36c96ff-27d2-4332-a53e-ba507f4b35ec
.openx.net/ Name: univ_id
Value: 537072971|f36c96ff-27d2-4332-a53e-ba507f4b35ec|1705254430289223
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: 5ecef7acd4848427cfbe727e50671f
.admanmedia.com/ Name: admtr
Value: 3436f1ae-af3b-4fe8-87f8-c980a9ec95c1
.admanmedia.com/ Name: ac_r
Value: CS253
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwK_Y-SGh3ICJyh9DHI4nXGyJrtyQL1sCPfHqoHNnmPX5fcqIGr2luFJ9ZQC4TM1
.go.sonobi.com/ Name: __uin_pp
Value: opMFXkmpB964
.sitescout.com/ Name: ssi
Value: c42e8457-f2d3-4cd2-9dfd-a89425319752#1705254430336
.yieldmo.com/ Name: yieldmo_id
Value: VEirThhNNrhLv7tyL1D_%7C1705190400000%7C0
.theguardian.com/ Name: __gads
Value: ID=47d7ca6159690247:T=1705254430:RT=1705254430:S=ALNI_MafUcD9Z9-TwPfN9Xt7HIU_vnzf1Q
.theguardian.com/ Name: __gpi
Value: UID=00000db72c772f19:T=1705254430:RT=1705254430:S=ALNI_Mb66fr4YSy_Ai0SzCZODfZFghRpfw
.dotomi.com/ Name: DotomiTest
Value: 18da5639c48210b5
.simpli.fi/ Name: suid
Value: A96578CE3156412C894FDA61369418DC
.sitescout.com/ Name: _ssuma
Value: eyI0OCI6MTcwNTI1NDQzMDM3NCwiMzkiOjE3MDUyNTQ0MzAzNzQsIjciOjE3MDUyNTQ0MzAzNzR9
.tapad.com/ Name: TapAd_TS
Value: 1705254430371
.tapad.com/ Name: TapAd_DID
Value: e1c2e904-3ec3-4613-ac6f-c5a7a1b6acbb
.krushmedia.com/ Name: krm_usr
Value: 4dca9d3d-e51e-51da-b17d-3e200c96feae
.krushmedia.com/ Name: krm_r
Value: 572
.clickagy.com/ Name: cb
Value: ZaQeHv013-SSJnjDWpzDE7dC
aorta.clickagy.com/ Name: chs
Value: [{"ch":"185","t":"2024-01-14 17:47:10"}]
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJ3z9aTxZn-nEtyQUt8aFQE&KRTB&23025-CAESEJ3z9aTxZn-nEtyQUt8aFQE&KRTB&23386-CAESEJ3z9aTxZn-nEtyQUt8aFQE
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A96578CE3156412C894FDA61369418DC&KRTB&23486-uid:A96578CE3156412C894FDA61369418DC&KRTB&23489-uid:A96578CE3156412C894FDA61369418DC&KRTB&23539-uid:A96578CE3156412C894FDA61369418DC
.mgid.com/ Name: muidn
Value: o0eaNFYEJvL9
.mgid.com/ Name: __cf_bm
Value: JZ_Aqi5iKZiUyaN6cx60Soi1gNfN70egKzXGO46_NN4-1705254430-1-AYbQsBuAMefYiS/eMO7treQosEcJCQntYroJL1sWByquHhtFJ5Mg/hxZcBZzQE51DFd0wx/MzcaZ/WOYv/5D+pg=
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f36c96ff-27d2-4332-a53e-ba507f4b35ec&KRTB&22918-f36c96ff-27d2-4332-a53e-ba507f4b35ec&KRTB&22926-f36c96ff-27d2-4332-a53e-ba507f4b35ec&KRTB&23031-f36c96ff-27d2-4332-a53e-ba507f4b35ec
.creativecdn.com/ Name: u
Value: FVTDxmMKkdo3Ctu81qQ0
.creativecdn.com/ Name: g
Value: FVTDxmMKkdo3Ctu81qQ0_1705254430370
.pippio.com/ Name: did
Value: xuuNkfBjasLHaYXn
.pippio.com/ Name: didts
Value: 1705254430
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CJ68kK0GEgYIgr0rEAA=
.lijit.com/ Name: _ljtrtb_2
Value: D2D50F43DC4546B49B24C3B39721A84F
.turn.com/ Name: uid
Value: 8102553495565842921
.yahoo.com/ Name: A3
Value: d=AQABBB4epGUCEPKlHQk0x_6HQDWH8mPAB3wFEgEBAQFvpWWuZdxH0iMA_eMAAA&S=AQAAAg3vp4ktPZPPEEzr6CS2kxs
.bidr.io/ Name: bito
Value: AAFMHU7LSDwAABkQtba67w
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_84
Value: ZaQeHv013-SSJnjDWpzDE7dC
cm.mgid.com/ Name: mg_sync
Value: {}
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005%22%2C%22nxtrdr%22%3Afalse%7D
.media.net/ Name: visitor-id
Value: 3482560306634214000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.csync.loopme.me/ Name: viewer_token
Value: bebc0f58-6d69-4482-b486-e1f8bc632c5a
.lijit.com/ Name: _ljtrtb_85
Value: AAFMHU7LSDwAABkQtba67w
.server.cpmstar.com/ Name: USER_ID
Value: %85%af%40%fa%ab%99+%89%c2%f2%820%d3%5cD
.adx.opera.com/ Name: UID
Value: OPU0a0579c9338846899ced80fe1f7157bd
.go.sonobi.com/ Name: __uin_bw
Value: 7fa1b14f-0035-4358-a1a5-33197ff54bf5
.go.sonobi.com/ Name: __uin_rh
Value: qlNKKsCmqmp59UKhWeE_ixAl258sYBdLbtSMaRkk2Dk
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d835b4434b859bd20b3430c3607499a3
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLEwNk0yMTE2SbIwtUxKMTJIMjYxNkg2NjMwN7G0TDRmAILUJXJyIBoKADcvCWQ%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXSInB6SgAAAQngFG"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1dd0ccf2-4064-405a-b3bd-0e48f6154de6-005%22%7D
.linkedin.com/ Name: li_sugr
Value: 12163915-8b85-498c-80c5-41722806cf64
.linkedin.com/ Name: bcookie
Value: "v=2&fce3e5f2-383e-456a-8153-2ab53479e6ee"
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2734:u=1:x=1:i=1705254430:t=1705340830:v=2:sig=AQE-d2KK5t3_u6VnmI0OXsG3mK8FD0uJ"
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_16
Value: c42e8457-f2d3-4cd2-9dfd-a89425319752-65a41e1e-5553
.rubiconproject.com/ Name: khaos
Value: LRDSGJFB-1J-5J51
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 86e1f13e-635d-474f-9ff2-de0c76f493c2
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 40be924c-4f1b-4721-866a-6c3f0c19860e
.prebid.a-mo.net/ Name: sd_amuid2
Value: 40be924c-4f1b-4721-866a-6c3f0c19860e
.lijit.com/ Name: _ljtrtb_80
Value: LRDSGJFB-1J-5J51
.ipredictive.com/ Name: cu
Value: 526c168f-3361-4ec8-a1b9-dce7246afa61|1705254431147
.primis.tech/ Name: csuuid
Value: 65a41e1f28a06
.rubiconproject.com/ Name: audit
Value: 1|5S5s9a//6EW8ldm8F1XBFmQGYQ++lkTwHd4f7Crdeyjhj9K5Ghav9U2HvijYH6hnuGh6asGkOYQwHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpSLPWrOB3DwYwfwTC+gnCdvkhRT+/r9p1k4kGnFGDt9yYUeNf6iMsqPW4vJuGxjvTGdvoGLIiyOj
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 2WArcIqglP
.criteo.com/ Name: partitioned_bundle
Value: qazu-F8yaHhEYTE5ckwzVmMxOHNLc2d2OG8wZWlTcnlSV3V4QmoydjI2dW8zJTJGTGk5dnpoWmUxUEtGUG1oNE83UThxS3FpZDdmTVJGQzZWZG8wV0EzVyUyRlU2RndQUzUyJTJCU2dKWExsQ3BGOFpScnVydmtpdlBCNzllQkh5bU9YanN1cFRhMyUyRlRpcXdXdzNWUWJLUjFvclhzemVpbHJOZEJXU0czaVhXVHRoMUQzVlc4VjBvdkU2VlJhSEU4S3B3U0FnUG9MTA
.theguardian.com/ Name: cto_bundle
Value: ZfsKkV8yaHhEYTE5ckwzVmMxOHNLc2d2OG8wZWlTcnlSV3V4QmoydjI2dW8zJTJGTGk5dnpoWmUxUEtGUG1oNE83UThxS3FpZDdmTVJGQzZWZG8wV0EzVyUyRlU2RndQUzUyJTJCU2dKWExsQ3BGOFpScnVydmtpdlBCNzllQkh5bU9YanN1cFRhM21yazQlMkY0UkhCOUtqc2liMnJwbzZCZyUzRCUzRA
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1705254431484
.pubmatic.com/ Name: SPugT
Value: 1705254431
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtobmBqZGpiYmxkbmoKAGWpE-gQAAAA
.rlcdn.com/ Name: rlas3
Value: maHA8MJaNR2SeUUKe7RxZ2t7UPtNMI/056LXFKBwXK8=
.rlcdn.com/ Name: pxrc
Value: CJ68kK0GEgUI6AcQABIFCOhHEAASBgi46wEQAg==
.adnxs.com/ Name: anj
Value: dTM7k!M4/0DunaTF']wIg2GVVf.DQ]!]taL8bhzs#DNAqPYwUbU`mps=@h%uW!4#OUei@W[Q10-7ZUHT<QHImI.FB-I2BM$W!g7eAbm/b+F$%9+p!1cUq?C`$vYZ-1YtBf!!$xQ+><If
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSRFNHSkZCLTFKLTVKNTEiLCJleHBpcmVzIjoiMjAyNC0wNC0xM1QxNzo0NzoxMVoifSwidHJpcGxlbGlmdF9uYXRpdmUiOnsidWlkIjoiMjc2NzI2ODk1NTIzNzcyNTQ0NTA2NiIsImV4cGlyZXMiOiIyMDI0LTA0LTEzVDE3OjQ3OjEyWiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTE0VDE3OjQ3OjExWiJ9
.creativecdn.com/ Name: ts
Value: 1705254432
.go.sonobi.com/ Name: __uir_zt
Value: 140529736524972816
.go.sonobi.com/ Name: __uir_eb
Value: 140529749409874704
.go.sonobi.com/ Name: __uin_eb
Value: CAESEL3fSV-ir42jBpodRnk1C8A||1
.go.sonobi.com/ Name: __uir_pp
Value: 140529736524972816
.go.sonobi.com/ Name: __uir_st
Value: 140529736524972816
.go.sonobi.com/ Name: __uir_an
Value: 140529736524972816
.go.sonobi.com/ Name: __uir_td
Value: 140529736524972816
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1705254432850_0_14
.intentiq.com/ Name: IQSonobiCookieSync
Value: 1705254432850_1050214917_14
.go.sonobi.com/ Name: __uir_oa
Value: 140529749409874704
.go.sonobi.com/ Name: __uin_oa
Value: OPU0a0579c9338846899ced80fe1f7157bd
.go.sonobi.com/ Name: __uir_rh
Value: 140529740819940112
.the-ozone-project.com/ Name: ozone_uid
Value: 2axJjaFSWCtu0YJg5XJRTxurUPU
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!353-2!353
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 157206:3
.pubmatic.com/ Name: DPSync3
Value: 1705795200%3A265%7C1706400000%3A262_261_260_259_201_263%7C1705276800%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1706400000%3A165_104_166_220_21_13_54_250_71_3%7C1705795200%3A223
.go.sonobi.com/ Name: __uir_bw
Value: 140529740819940112
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2g6h:18z8~2g6h"
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMU1Qb0xkIzEwMTM5XzAmVTFNUG9qUw
.intentiq.com/ Name: IQPData
Value: 1611266342#1705254432961#0#1705254431482
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8114484655641338530&KRTB&23339-8114484655641338530
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-526c168f-3361-4ec8-a1b9-dce7246afa61&KRTB&23011-526c168f-3361-4ec8-a1b9-dce7246afa61&KRTB&23355-526c168f-3361-4ec8-a1b9-dce7246afa61
.adgrx.com/ Name: ADGRX_UID
Value: f2d4fe50-b304-11ee-b07a-530754f5bf46
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p4c|4is.0.CAESEEbF_HmmZ3Fq8XTrjfRNfBc|7LJ.0.03bf6ec1-8b1f-439a-ba21-3a956d84c42d|7dN.0.AAFMHU7LSDwAABkQtba67w
.thrtle.com/ Name: mc
Value: eyJpZCI6ImUzNzhjMjVmLTlmMGMtNGRkOS04Njc5LWI4NTYxY2VjODE1MyIsImwiOjE3MDUyNTQ0MzMwNzksInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-f2d4fe50-b304-11ee-b07a-530754f5bf46&KRTB&23275-f2d4fe50-b304-11ee-b07a-530754f5bf46
.creative-serving.com/ Name: tuuid
Value: 5b22f7fc-0d41-4fe3-9bfb-7c0697e28b88
.creative-serving.com/ Name: c
Value: 1705254433
.creative-serving.com/ Name: tuuid_lu
Value: 1705254433
.bfmio.com/ Name: __187_cid
Value: 501E6AEA-3A84-442E-BCEE-D90CC43CF6D6
.bfmio.com/ Name: __io_cid
Value: cae0d6d3b789c92e335f58bc71d498f503b49535
.id5-sync.com/ Name: id5
Value: b1136ec7-e34c-7959-a422-6c1a507894ff#1705254433014#2
.360yield.com/ Name: tuuid
Value: 1ae751c3-97ba-42a2-bacf-a4f214c82bfa
.360yield.com/ Name: tuuid_lu
Value: 1705254433
.360yield.com/ Name: um
Value: !79,yUyYWzJNjx8hMF1EbbsP8avDy8JDP6JBOQ3QE2PHYvjU0IIAm63EKmOB1M7rTj6FBcXjeFdWlhLiSeRK,1713030433
.360yield.com/ Name: umeh
Value: !79,0,1767462433,-1
.smartadserver.com/ Name: csync
Value: 127:AAFMHU7LSDwAABkQtba67w
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJmcmVld2hlZWxzc3AiOnsidWlkIjoiNWVjZWY3YWNkNDg0ODQyN2NmYmU3MjdlNTA2NzFmIiwiZXhwaXJlcyI6IjIwMjQtMDEtMjhUMTc6NDc6MTMuNDM5NDQxNTgxWiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIxYWU3NTFjMy05N2JhLTQyYTItYmFjZi1hNGYyMTRjODJiZmEiLCJleHBpcmVzIjoiMjAyNC0wMS0yOFQxNzo0NzoxMy4zMjk3NzgzNjRaIn0sIml4Ijp7InVpZCI6IlphUWVIUnMtS0R6RVNPV2RBNXM3SVFBQVx1MDAyNjUwMyIsImV4cGlyZXMiOiIyMDI0LTAxLTI4VDE3OjQ3OjEzLjA0NDc4NzM0N1oifX0sImJkYXkiOiIyMDI0LTAxLTE0VDE3OjQ3OjEzLjA0NDc4MzE0WiJ9
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 95557eed-cfee-35a8-8741-0004045505e4
.technoratimedia.com/ Name: tads_uidp_44
Value: LRDS2TW4-1-FFRH
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 8401176496255853801
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAFpOo45jfhiwNf8QnZAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 87d42d7b-5a56-4296-8f87-449f0ae43d34
.technoratimedia.com/ Name: tads_uidp_61
Value: 212320523242506
.technoratimedia.com/ Name: tads_uidp_62
Value: 3482553906634447000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: jqUSNxMAhpQhzcNVBWhGF1bw-PMhGNR7
.technoratimedia.com/ Name: tads_uidp_7
Value: d9d8cfd3-4558-4a79-82c3-a381582df421
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFMHU7LSDwAABkQtba67w
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-a2d53218-c44f-4c2a-bf7b-9f968202f25a-005
.technoratimedia.com/ Name: tads_uidp_77
Value: MBruDym1rD0G8MVzVSqyr7w6UdbmhxWo3HMQ9drybMY
.technoratimedia.com/ Name: tads_uidp_79
Value: 56636e2a-0bf7-42fb-b76a-96cf6b046d4e
.technoratimedia.com/ Name: tads_uidp_80
Value: y-92mhfylE2uHH7hKeoPWHThJnzVaStxSc~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZaQbnsJ3J4OeS8B6k1SxHQAA&1460
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 295948518131594884288
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230719045631+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFMHU7LSDwAABkQtba67w
.pubmatic.com/ Name: PugT
Value: 1705254432
.fwmrm.net/ Name: _uid
Value: ume914a_7324575840724119086
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: ume914a_7324575840724119086
.ads.stickyadstv.com/ Name: MRM_UID
Value: ume914a_7324575840724119086
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAFMHU7LSDwAABkQtba67w
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESECMoDkg8ukLV_BqEB8oAtPs
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-uKdpn5tE2oNK0oGWzx5jRR3Z5CCPN6KPjG2qEi.h~A
.ads.stickyadstv.com/ Name: uid-bp-892
Value: f36c96ff-27d2-4332-a53e-ba507f4b35ec
.adnxs.com/ Name: XANDR_PANID
Value: DHjz5NCBVyGZe6HXgOMDvCKfCrBN7NS-ybBaiNPUmo8TAfz3sl9tHbKb9kvGWm7jFg47ymA_zZpxuuAZWlB85rQtcHGvm6I7jZwA4u2F3bI.
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 8114484655641338530
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi2pbf028zKPBAFEhQKBXRhcGFkEgsIwo_q3NvMyjwQBRIWCgdydWJpY29uEgsIkKf24NvMyjwQBRIWCgdzdng5dDUwEgsI3q2N89vMyjwQBRgBIAEoAjILCICPtLDyzMo8EAU4AVoHOGg5dTExaGAC
.lijit.com/ Name: ljtrtb
Value: eJwVi70KwjAQgN8lswfN5a5p3JLGWEIdahHBrTbtoCAOYkHx3U3X7%2BcrUGyFR89FIOVrYiodGYdUK6eMRmkrCmIjZJm7kXCqiDXMmBTQmBBMmhMMlSFkJY1mhJIHkpOcgJlVPqsin%2B3R9%2FsYHMgIHFmunDK%2FDN3UvAupoO%2Fj4%2BbPz4%2Ff6VSvnrO3Nhyak257v1jr7t3rOpR6Eb8%2FjC0tgg%3D%3D
.lijit.com/ Name: _ljtrtb_27
Value: f36c96ff-27d2-4332-a53e-ba507f4b35ec
.w55c.net/ Name: wfivefivec
Value: XtgZSJgx1Rp4zM5
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: XtgZSJgx1Rp4zM5
.id5-sync.com/ Name: 3pi
Value: 434#1705254433123#1050214917|2#1705254434445#-616725845#8114484655641338530|264#1705254434587#230999507#f36c96ff-27d2-4332-a53e-ba507f4b35ec|155#1705254433739#-313293170#AAFMHU7LSDwAABkQtba67w|203#1705254434288#-92201759#86e1f13e-635d-474f-9ff2-de0c76f493c2|124#1705254433413#-1177215648|108#1705254433571#1702149681|429#1705254433259#426106057#501E6AEA-3A84-442E-BCEE-D90CC43CF6D6|1245#1705254434735#-178374314
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 526c168f-3361-4ec8-a1b9-dce7246afa61

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, microphone, midi, geolocation. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other warning URL: https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js(Line 1255)
Message:
Unrecognized feature: 'web-share'.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20FEA477D7-E748-4899-82A8-124C1887F622&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.theguardian.com/world/video/2023/dec/28/russian-stars-semi-naked-party-sparks-wartime-backlash-video-report
Message:
Access to XMLHttpRequest at 'https://static.criteo.net/js/ld/publishertag.prebid.148.js' from origin 'https://www.theguardian.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.criteo.net/js/ld/publishertag.prebid.148.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=86e1f13e-635d-474f-9ff2-de0c76f493c2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=03bf6ec1-8b1f-439a-ba21-3a956d84c42d
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3e4f9cd83e8cad12cd5d4a3df992d12.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ad2.360yield.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.twitter.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.nextgen.guardianapps.co.uk
api.permutive.com
assets.guim.co.uk
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.permutive.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
contextual.media.net
contributions.guardianapis.com
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.krushmedia.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csync.loopme.me
d.turn.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
dis.criteo.com
dis.eu.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.guim.co.uk
i.liadm.com
i.ytimg.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jelly.mdhv.io
jnn-pa.googleapis.com
js-sec.indexww.com
krk2.kargo.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
onetag-sys.com
ophan.theguardian.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
pubads.g.doubleclick.net
px.ads.linkedin.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
sourcepoint.theguardian.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
t.co
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.theguardian.com
www.youtube.com
x.bidswitch.net
jelly.mdhv.io
static.criteo.net
104.18.36.155
104.18.38.76
104.244.42.5
104.244.42.67
104.36.115.111
104.36.115.113
107.178.254.65
107.23.224.83
13.35.93.125
142.250.81.226
142.251.40.162
147.28.129.37
151.101.65.111
162.19.138.120
162.248.18.32
162.248.18.34
162.248.18.37
172.64.144.78
173.231.178.115
178.250.1.9
185.167.164.49
185.184.8.90
192.132.33.68
198.148.27.131
198.24.162.123
199.232.36.157
199.38.167.130
20.40.202.2
207.198.113.204
213.19.162.90
216.200.232.249
23.105.12.150
23.105.12.158
23.21.51.122
23.32.172.185
23.47.170.102
23.51.57.13
23.52.160.28
2600:1f18:4e9:5a02:bfa:a46e:1266:8631
2600:9000:215f:e400:1b:6b7d:2300:93a1
2600:9000:2510:1a00:1a:5235:f980:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::ac43:17ea
2606:4700:1::6813:834c
2606:4700:20::681a:d12
2606:4700:4400::ac40:90a6
2606:4700::6810:3965
2606:4700::6811:180e
2606:4700::6811:7711
2606:ae80:1451:24::730
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c09::9c
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:80f::200e
2607:f8b0:4006:80f::2016
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2006
2607:f8b0:4006:822::200a
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:1ec:21::14
2a04:4e42:200::367
2a04:4e42::367
3.161.212.32
3.161.213.49
3.161.213.50
3.212.106.63
3.216.208.235
3.222.179.146
3.229.81.23
34.107.254.252
34.111.113.62
34.200.65.202
34.203.113.223
34.206.181.88
34.224.134.119
34.224.207.11
34.98.64.218
35.194.66.159
35.211.178.172
35.211.68.203
35.214.163.22
35.241.9.51
35.244.154.8
35.71.131.137
40.76.134.238
51.222.39.185
52.204.171.89
52.22.192.2
52.223.22.214
52.3.200.189
52.46.151.131
52.6.81.107
52.71.68.246
52.85.107.191
52.95.125.22
54.152.0.153
54.192.51.26
54.192.51.45
54.73.52.131
54.83.89.247
54.86.180.217
63.251.28.134
63.251.86.49
63.251.86.50
67.202.105.21
68.67.160.26
69.173.151.100
69.194.240.13
74.119.119.139
74.119.119.150
8.2.110.134
8.28.7.83
8.43.72.98
80.77.87.163
82.145.213.8
00e3b013b34ea6255881e4c5758e03cd30bb899226e02acf9da207f464fe59ca
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
024f56ff441c6c80256a27ec906142832a96d58185ce75e71550eb2aae29249f
02c0cbe546ba44e894b230fbea98d61696d494b7c1c7d25181780eb6a6f71e08
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
04dae8172d2657267e475430db9f2e90ba043c5991a6f678e7f3a59ef15c5d09
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c67f73167ff409aac284b1f47dd6fcfe29cb6d1b3df2e7246a35e8d130e70b1
0cc18b8e79d8ffa78006dd778f2d99f553265c1eca34bcefd1aa9fa4af979dae
0f0c4b39d863ac2ca20e15b9ee2a177c5fea8e6b61c5065470c150a7280d39f7
10494dc8942e3292329f0c9d34df46217852802bc4b0922e9f242a8382225ba1
12b06a4e5239f0b660b1b2e4420267e6e93769ef0db44c868ac887ad8abc2988
15e9b4734176d037f86be9612a437692efdc4596c5708710eaa69741ec265838
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ec20e67ac7507a2831e18f4f0d53fd8882be8e0f0faf4f2f8c3f484d58d1812
2159f76936ae83fe443527d34e35aeecb89f7af76ff5e1ae42743c24ac73330f
23cb00f0b8285fd51a4f2b989f0dbe03c616ee1e53b5e500ca140642a8579ca4
26d93964c121853f1bf5637504f40f3ae514fbe74546b361507c5c7f042ced8c
294d5775f4505a6883dc8c1d38051953cd47360e20a6d52d40e8acbfe71750a2
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2da38ec833805e861d825fbf2cfd62b4bb6be8c37eab0c4206fa1b3c3dadb8c8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041
301032a8545e5d61f85824d1db6d94658245dfd833f9ece6af10db7ab321707a
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32be42cc303826b36438a523c2573736a8af69e8d1ce9018e409849275795c81
32c9e03c26249ce618d2733949ec30b2017303efcacbe2dafd2d661efef5158c
38f125a14acbaedfc35b2cdd3ec7a772626dd6e70c29cff8d188fa2998aeaef5
39f9a5e3c64c05b4ab07da776e1898bdb4d023bf907aa14a1eacb9b9ac76b2c9
3cd9edb43e227a854ab5185ad5e4ae815317bd8e607259068a9918222c04771d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40494eeced6cd53f8eb89e58dfcef0a9cc46a203b8f5b7426e1d8427942e7b2a
407c822fb700f4775c0b6ae9841d23f3cf53e3c98bedbfc82606c84a731cf947
42a703693ed1cb94133924e5be60a8502f574bc8308a6632170d62b6527fd206
43b77d422850624348ebf481190207a1c9e059e2e95235f7d3afe13969024d56
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445006dfa707aa3527518a97c990079a0d4a6622258d5c81fb038bbb3ff4f0b8
446d68e0c894bb57738051cc2f45df72e390c00d6651705352c89f0a308faf1f
4518f03280ea3372a2b9702b699ba79e27bcd6d1ee95c0fb38f1590673ff0d75
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
46e97944b7e167434fa20cfb0cb6c6ad36d4e67ef3a3b39c05dab09c839a0518
48990bc28f00611eeb52e4a538848c2b06a12938311f92bed8bc7e80465c2b36
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49cc59ca76ea44093b2f3409c99a09031522ca786f83e7875c2400590c55e9b3
4a6e42df592f9fef10d8707e673f1a66671e31c48cfcc1282f759654810652f7
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3
4b224021bc64ccb3bdcf0932c088728ab60cc1a7b7c64eeb3a0688ff3857f204
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7f2e32a50c61ed06c165c6a495bb258b9d2296c629331e5ade48a3f5564eae
4c60716f0c88a8320e6cd175e64b7f686db6a4fc1f4dfea640e3df2c3fb77cbf
4cc3057f446f03f02d1486db8704224e224169b0174ff0575c7a6f472495a694
4cff692f1ec9e8d1518cbadbd290bd35c023a8949667565e871c13dc9cd75aad
4dc005fb83e7953760744f8ce122ae63a2ca1f81dd61e717ddab5dd37f657b4c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea1e2a71ac27dd98c9cf62683c663c9f92db14fd6e7996a560317f2d7b0ccb9
4f0da88f68764d78fae0e1ef4b971a12953282587e5f9b2d5b1907aea5c6c883
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
4fa9675b7cbdba5307d9d411e7a76f13d1b6b462844cdbf3d918f37bfdff029e
52744fb63afe4c867f1d2c69054cfb1ba8f63fae195e007fcf58ab9f1f3a30ff
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
53a72646b4815557140e729b8cc191f120d135a11253c0a213c3c8c0e2578fc4
54f37d91c74ec794994462438f9760e481af46aadb2054cddf74595c69a08d48
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5728dcba7afa208dcef947013cb83d74994fa5c723fee0c4a84e050412f06711
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab0414807c5edeeb9964424a6ca55e9f8cc431fbcdfaf235b6fe1d3f2fbceba
5abbb193961a4a7b0af255f4a2fc329d0c73214dad6f7cd8b2963a938bc57699
5b16d831d63765c8f34acc99821d8418809b3d3486aa84b694dab116a32ee671
5eaa7879f0ec42327ff6e4537397b8af43e6d591b3d63a555f535d2549194bba
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622c3fa0be0c5f2444312245d85a0eec5e475b305acc686fb3f9a08d62b1d723
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
6835c345fd1f9c7c4df26045a8f4ed1ec7c602dc60fbc6d053bf992ad61ffda5
6ca179c106fafa2b832c40ef92e040bddd5b2cf1615a417a950e664f0d4022b3
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
6f8512a62bde2aa2a50bdd3d58eceebaabfadd325a0b81b144a3e3c34cf5a678
7061a231754256284569c8a443c965b6a3a96ed9369a71cb94c6a2a0f18242c5
71747f28ba67aae7909bef6124f98669986e44179424ae73c9d311c260c9ddad
72daac35cebc13804ba9b23e68258c5ca4a4699a4fa53fe6761b553249662f1e
732693f538e4d28b2bc0b7d7bff40f84effaec15b151a40393bc376e673e1298
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5
7c7c877d99de88d1191c44385c76d8a7165de72da9126c9ac8b8dfee948d5251
7d4a8f095c973333ba127ae2ab0681c2efa90ec432472cbc56401c7011814d74
7e9a2663c0d712b0e1cf03344736818d3343f0aef4d18159097458affbaba755
7fdb66711a1ebf63a8d9bf947367feafac71e2e306ea85c263a6d70211ddcfba
806ab4fca2837f60019aab2490b0bca9fef32cee727ee4d461949369c30436c3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aa797e5f1f213bf1b3465168e50caea42401281d4d4f74c95ae023b42ed6c4
844567481f0904dd399cb814af7779f43b6d5230d17419d7e93b8ee46f012b64
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85f0ea3b2226011e7bb03d720b74b7a84c7d9a316fdd86fdae14f8412f300c36
861514fb46bd4437256c82be0c1ccfe20410db218106bfbd938cfd9ae2b5b4ca
863cc6eddbc6adc4768bdb8acf71c92e046ad8a0c0642ea44918945a565d5b64
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2
869aeeff0e1525f5f26f2b16703ea69dc4aa3186760428eef03f3a4bf7dad4ac
87da84bc420de976849b1b4918aad5d2db40001ea2fc1698df87f99cd123b824
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f1100ae4dc74b216da3bcd2a56fc92f5f4877ff5e0184322d6ef2c400d6a938
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f81f254f97a956e3452b130bf9a21ff4810194d89a05515581ff1fff89c9362
9049341740f1f9d0914e2cbd3942ca7d731b90c8413b9734239e87295c428a42
9146295851ab3de62ce699b258996cfd18916e35191a6c23be301adde6bfef55
9242473df6c9fa12d9b72762779965d365f70b2f7883abd9afe8312b8173646e
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed
93581db1a65b27c5928e44993972b4a991d91af679d6761c4f725bf346cba369
93abbe9a158ffb11fd2ba05dddff30ed3d7205bed155ff90160287f353cb749b
941e970ab8b080da214361dbff1bb84ed52f1b5e0221ba5ee40c37373acfe31f
9543637d94924b80dfa0264249c4dc7b68a2bd268d3c2712d646abd9dae33139
97bef2c4eb339325f9a5ec55f7aadc0eaa1ff08ac729b10bb0b0fcffedea5fb6
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9c020dd645e8bfc1f2e6ba6efed285afa562de1022f956aae149344679bf3437
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e897e9d98026dd901cabebdf3debaf570f157f68ce206b051c713544efc317
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3d67f59f0c45730638ff143af2b728cdcc9506a279e1c50791432a2c891e969
ab17be372bef91eb0e542a362ad0781ec3ad8e31bbcc606dafbbd38f6e618d70
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad4c36e3f869d992fa38a94a3b4818b87613b5cb5720c99684c2c53fb07050c1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b0dfb89a0487d5e38d1230d2b1e3eb1801d13d92aad242ff2b339593fa487b90
b0f08d0f2a34cb2afd81ec9c0cbce1f28d94cdb1b768d37ceb198cdcf2396175
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b62961df0ee4bf3bd8272adb82d45ae59ce6df736d47cbcfacf58df6830d1d47
b7b720f057b1dea4aaacbc3ca253abb9fde74b01d93ec13c4d086e1ec62df5b4
b95dfdfcfc84144703a2769642a8aa8e823599e23e5d9a7537c9f972a9fd9099
b9adc80161a2653e2985717aa116113bb1f8d788b7b70e26e2a52da1690c8dff
ba066e9d186223bbd8976a81d246f23408c1aac7227f13f1b0e278d858c72751
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8
bf423c190f84212700affab39414ef603a19c4701b4e845fe31d085c9f57c534
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a8de3790bb041714486d34cfd0fdc8cbdca3f1af513738a4bb89b8222c5d84
c3edf7dbd6551b94a3eba57ba33f175e050a01c02b2b38cef48d93bfdb8b3dbb
c8b822804a95224a3a4d16f0d806e0b9cf966a6e964994d4a3bc38e553743e8d
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce2bcf3b6054a79cf1970c4a5ccb7e9423e424b85fa4f2faba27045fa99d86d8
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfcfe696bf1d62f184f4fe18ac3bf403db9f4eb142adbbdff186e7ff88bbce86
d1043dca96dea91c6635f0b5af70adc8f1bfa32c412991ff70e7b3c33cada168
d24732546caa624472910b402cb52d6c10ab8e56a5e082d465a970e806c9240a
d2593619d77e4985480d036d90888aae1b05c24dccde4be14c385856a0311d15
d4d4f4713af3f9e04d04af8a36cd410d8fc24ae9528378f7ca17a6c93df90eb4
d7d4e1e97752011cac79912f9d79a095322da5c50a686b32c5c7bad2bb522d2b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98a90c5ca673bc086842e5cd3189cd2bbd9915b82b2f64fbd5211e9b0d6d79b
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
daa5a46c95e93d55aad64732ba9de2358ab39613e7670dd1123a6b166393ba66
dcfc77dfa2ae1ae96f91822d3aaaf22033381d7af4d7c7500efd2bf9a8cb4861
dd5eb6f494c15e13931ccb52737680499868f1cfe2e5b5c55b7834b29e0fe5a0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa68f5d137ec903d4517a04c15cf5a9729b011aedc21d464d3186ce4a9f6b21
e105d843d0cbcf33a8e5a1772e132b543768568a98a0b0183f2c7919ee64e568
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77d4745f8b8f60fd0bcccda0394c0eab1c2d2d4b6635cee2b1217d7fb893540
e8e5b88dcf5846b8a0b10870993062b797e49a4fae3984e0ebfff5542b96399f
e98d360dfb4942c7ef43688eb3ae9fb67020c061c6a6583501d12e39930b0eb9
e9cf86ce529e62f4bb189cdac035ee6f01bbecde9b0218b6a83d2672081a00eb
eb2055e8715947b37f3cdca0e15227d6664163b8d86357c24c385da20dba00c0
ecce0ff44c16c52e8d3980fdd2f51414167c8c92c5d7699daf8507b3459e4f7e
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
edd741ddba410c2881bd5607e39e79f604982485cbe8d4c3de663b35667b0c04
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ec295e0a03ab7ca6240f83211801ff209ad5781ff26970c55f1de83bd0b3ad
f25973d65397d190dac2b12889e5786f875cf5eb03f8df91c987e9ae2b90bd78
f26832526ed01712d801e6b4122dcdc6438966bf0629d7ee98ddb7f11719e4b4
f2d8406975c01871f26ae31443d3b578ff57ec6524c76ebf059fc832ef974d52
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f618846f5d2dc7179b03033c95600561717991f7d65e1a2509ddef43a192916d
f662d3de8af575bfcdbf0ea658a587e12355ed05c5a3245384cbb04e5b1ce347
f77785242f031ba78562f8ff850589917f8ac10af00516bedba96dd5025976dc
f81f2d44b7cde8494179be811fe3d614d363ffce7907a96b016f2120334cce65
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e