www.getty.edu Open in urlscan Pro
108.139.47.8  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.getty.edu//art//provenance// HTTP 307
   https://www.getty.edu//art//provenance// HTTP 302
   https://www.getty.edu/museum/research/provenance/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&e_ipv6=AQJKdZ40HU042wAAAZEGmSr0u-ZBL9hlA7U90DgqBhQ0_MR6ra6FI_3ZwTehQcmHNjUriemj

Request Chain 44

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_cm&google_hm=ay1qU1ljTDRKT2VkZ3RjeE1mb2hvRjlIalRLcC1iMXJKTkJPMTY5Zw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_cm=&google_hm=ay1qU1ljTDRKT2VkZ3RjeE1mb2hvRjlIalRLcC1iMXJKTkJPMTY5Zw&google_tc= HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_gid=CAESEHb9sX97vlfEPpz9KuRFMNA&google_cver=1&google_ula=913071,0

Request Chain 45

• https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30

Request Chain 46

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1264143055003058

Request Chain 47

• https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&custom=&tag_format=img&tag_action=sync&custom=&cb=929c6696-c6a3-472d-9c50-9fbec3f751ee HTTP 302
• https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=929c6696-c6a3-472d-9c50-9fbec3f751ee&final=true&reqid=d3083d50-4ee3-11ef-9f03-874a96255290&timestamp=2024-07-31T02%3A23%3A07.685Z HTTP 302
• https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
• https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1264143055003058&tag_format=img&tag_action=sync HTTP 302
• https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
• https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=7f17c75ab1195c614613c8eb2b66509b&tag_format=img&tag_action=sync&cb=47529185 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
• https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=ee95b132-a258-4cba-8448-6ee34dde72da&tag_format=img&tag_action=sync&cb= HTTP 302
• https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d&cb=1722392588155&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1722392588155 HTTP 302
• https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=a3c45797-c821-478f-8475-2f581ecf35d1&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1722392588155 HTTP 302
• https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
• https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=d372bef0-4ee3-11ef-852c-b3948ba04f6d

Request Chain 51

• https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
• https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=-JcSESBlKWIm8SVXrAUkkTns_y6dXPzC

Request Chain 52

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow&C=1

Request Chain 54

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw

Request Chain 55

• https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-HQyfvIJOedgtcxMfohoF9HjTKp_sNaOrlL43dQ HTTP 303
• https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-HQyfvIJOedgtcxMfohoF9HjTKp_sNaOrlL43dQ&_li_chk=true&previous_uuid=860f1ca8fae845e6a567468208e923af HTTP 303
• https://x.bidswitch.net/sync?ssp=liveintent&user_id=860f1ca8-fae8-45e6-a567-468208e923af HTTP 302
• https://match.deepintent.com/usersync/129/store?id=&ext1=liveintent&ext2=b28fc182-2c65-4a20-98b3-39641a9ead1e HTTP 303
• https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_3393708cfff6464b89058&ssp=liveintent&bsw_param=b28fc182-2c65-4a20-98b3-39641a9ead1e HTTP 302
• https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e HTTP 303
• https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e

Request Chain 69

• https://eb2.3lift.com/xuid?mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 70

• https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-4RcxDIJOedgtcxMfohoF9HjTKp9mW91Pzl7r4Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OGIxMWI4MGUtYTgyZS0zMDM1LThmMmMtZWY3NTYyMjJlNjhh&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
• https://cdn.aralego.net/img/1x1.png

Request Chain 74

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response www.getty.edu/museum/research/provenance/ Redirect Chain http://www.getty.edu//art//provenance// https://www.getty.edu//art//provenance// https://www.getty.edu/museum/research/provenance/	6 KB 3 KB	320ms 320ms	Document text/html	108.139.47.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-8.jfk50.r.cloudfront.net Software / Resource Hash eb4fd272bed59cc56743956d52112c95183811e53b9494a23223e250c13c0553 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control no-cache content-encoding br content-type text/html; charset=UTF-8 date Wed, 31 Jul 2024 02:23:04 GMT etag W/"745a50e6c69d617950e111b7428fb5a8" last-modified Tue, 06 Feb 2024 17:50:08 GMT strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-id 0RfvHr8HvA9ZsUC1rQsm9H7ZSpdjsjJ_XIZbZhr-9yKRGUNQX1NApg== x-amz-cf-pop JFK50-P1 x-amz-delete-marker true x-amz-error-code NoSuchKey x-amz-error-detail-key museum/research/provenance/index.html x-amz-error-message The specified key does not exist. x-amz-version-id null null x-cache Error from cloudfront Redirect headers content-length 233 content-type text/html; charset=iso-8859-1 date Wed, 31 Jul 2024 02:23:04 GMT location https://www.getty.edu/museum/research/provenance/ strict-transport-security max-age=15724800; includeSubDomains via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-id jmhX-wuC3BebVQ46gQji4zaO0wdMZT_CeoaFmglkLyfupPlWt7idOA== x-amz-cf-pop JFK50-P1 x-cache Miss from cloudfront
GET H2	200	runtime.cb36e77.modern.js Show response www.getty.edu/_nuxt/	3 KB 2 KB	354ms 353ms	Script application/javascript	108.139.47.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.getty.edu/_nuxt/runtime.cb36e77.modern.js Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-8.jfk50.r.cloudfront.net Software / Resource Hash db97617cfeec43090f1c12956d24b1087bcbc426b073eac71f6034fc599af334 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.getty.edu/museum/research/provenance/ Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:05 GMT x-amz-version-id aOnn1W0vX_wgDokNrjdtvDrakAmy9Tbi content-encoding br strict-transport-security max-age=15724800; includeSubDomains last-modified Fri, 09 Feb 2024 20:42:04 GMT via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 etag W/"b90b61a7bbe152db83db95bb38029df7" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript access-control-allow-origin https://www.getty.edu cache-control public, max-age=31536000, immutable x-amz-cf-id snFXM6hcYip4n-JhjnTlNd9KPsljEv-THUnqPHmIliUM_bBV6v9L-w==
GET H2	200	app.873700d.modern.js Show response www.getty.edu/_nuxt/commons/	330 KB 102 KB	370ms 369ms	Script application/javascript	108.139.47.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.getty.edu/_nuxt/commons/app.873700d.modern.js Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-8.jfk50.r.cloudfront.net Software / Resource Hash a35df7f09e4a7aa5a0818a5d69b98cad6fa1b7ce46a680506c475d58a41ea8d5 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.getty.edu/museum/research/provenance/ Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:05 GMT x-amz-version-id piZOoQ.uX3s.UN4nqSygBRkazoIupz7Q content-encoding br strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 28 Feb 2024 20:19:18 GMT via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 etag W/"0577a8b9a8b788ca27822b6defaf0b81" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript access-control-allow-origin https://www.getty.edu cache-control public, max-age=31536000, immutable x-amz-cf-id cBeDR-WY5wYiB_eLipi7Ho_QXZwqVMrNJFM3buSb7wIKRrQFeVvcog==
GET H2	200	app.0b9fa31.modern.js Show response www.getty.edu/_nuxt/vendors/	6 MB 2 MB	255ms 254ms	Script application/javascript	108.139.47.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.getty.edu/_nuxt/vendors/app.0b9fa31.modern.js Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-8.jfk50.r.cloudfront.net Software / Resource Hash 4fa974fe82857a032e2f7b90fca178f490014c08b4044c0355e7815e6a574bf8 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.getty.edu/museum/research/provenance/ Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:05 GMT x-amz-version-id GikpEfrMHiumc0F_4ReLy.D36Fhlg0Tv content-encoding br strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Feb 2024 19:09:56 GMT via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 etag W/"ce6d44513f4fe95d0d983c5ae592c69a" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript access-control-allow-origin https://www.getty.edu cache-control public, max-age=31536000, immutable x-amz-cf-id nmR1XzUYMwk4Q-iMcYEVDLiavb8bGYrrp6m0xL0Dap5v21BOMdUf-g==
GET H2	200	app.a12aee3.modern.js Show response www.getty.edu/_nuxt/	318 KB 46 KB	258ms 257ms	Script application/javascript	108.139.47.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.getty.edu/_nuxt/app.a12aee3.modern.js Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-8.jfk50.r.cloudfront.net Software / Resource Hash 81908d6be8c896ade8cde0231745872f29079521fab7b286c740afd039112ac5 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.getty.edu/museum/research/provenance/ Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:05 GMT x-amz-version-id wTVBR.9FhDNnF4gH4cwIyJEI5uOLveBU content-encoding br strict-transport-security max-age=15724800; includeSubDomains last-modified Fri, 09 Feb 2024 20:42:04 GMT via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 etag W/"450a270010605cfadf861c55e01d509d" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript access-control-allow-origin https://www.getty.edu cache-control public, max-age=31536000, immutable x-amz-cf-id bW_gTXNepUwdb4YZ_KObmf3sZzCjy062mozLHGtby4qYebdqYmzEeQ==
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	129ms 59ms	Script text/javascript	2607:f8b0:4004:c1d::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: www.getty.edu URL: https://www.getty.edu/_nuxt/vendors/app.0b9fa31.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0a1e7c0eaf59d6f3eba201c7ce0f90706c13840b2b121c7d6f15fd48b8f2ebdc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:05 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br content-security-policy-report-only base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-NMJdg4bIP8B0NQdLE0L2hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline' p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Wed, 31 Jul 2024 02:23:05 GMT
OPTIONS H2	200	/ cdn.contentstack.io/v3/content_types/search_top_card/entries/ Frame	0 0	82ms 18ms	Preflight	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.contentstack.io/v3/content_types/search_top_card/entries/?include_content_type=true&include_count=true&include[]=image&except[BASE][]=_in_progress&except[BASE][]=_version&except[BASE][]=ACL&except[BASE][]=created_at&except[BASE][]=created_by&except[BASE][]=updated_at&except[BASE][]=updated_by&limit=10000&skip=0&environment=production Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash Request headers Accept */* Access-Control-Request-Headers access_token,api_key,content-type,x-user-agent Access-Control-Request-Method GET Origin https://www.getty.edu Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers access_token,api_key,content-type,x-user-agent access-control-allow-methods GET, HEAD, PUT, POST, DELETE, OPTIONS, PATCH access-control-allow-origin * access-control-expose-headers access_token,api_key,content-type age 127 content-length 0 date Wed, 31 Jul 2024 02:23:06 GMT server contentstack via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-cache-hits 924, 85 x-keda-http-cold-start false x-request-id a2686534-1ebc-4a92-8c16-166337bec946 x-runtime 0ms x-served-by cache-bur-kbur8200178-BUR, cache-yul1970050-YUL x-timer S1722392587.506618,VS0,VE0
GET DATA	200 OK	truncated /	36 KB 36 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c52fc49981ed06911b4cf3765c39e8bc616d7f4de380099c6cc2c905f2d2ff69 Request headers Referer Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type font/woff2
GET H2	200	gtm.js Show response www.googletagmanager.com/	320 KB 108 KB	122ms 52ms	Script application/javascript	2607:f8b0:4004:c1b::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NRDC63K Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2a5c559082488e25e40238d379d467dd0368eb3f048898681e315dfd19178434 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109702 x-xss-protection 0 last-modified Wed, 31 Jul 2024 01:11:33 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 31 Jul 2024 02:23:06 GMT
GET H2	200	/ Show response cdn.contentstack.io/v3/content_types/search_top_card/entries/	92 KB 19 KB	23ms 23ms	Fetch application/json	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.contentstack.io/v3/content_types/search_top_card/entries/?include_content_type=true&include_count=true&include[]=image&except[BASE][]=_in_progress&except[BASE][]=_version&except[BASE][]=ACL&except[BASE][]=created_at&except[BASE][]=created_by&except[BASE][]=updated_at&except[BASE][]=updated_by&limit=10000&skip=0&environment=production Requested by Host: www.getty.edu URL: https://www.getty.edu/_nuxt/vendors/app.0b9fa31.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash 66f8c8cfedbd1475548a9896c3535b5645b339b31c202b4a7726159c8258a92a Request headers X-User-Agent contentstack-web/3.15.3 Referer https://www.getty.edu/ access_token cs72d8a415f26a7c6c37c942d5 api_key bltf09fd79c1a797378 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Wed, 31 Jul 2024 02:23:06 GMT x-cluster accelerate01 content-encoding gzip via 1.1 varnish, 1.1 varnish x-cache HIT, HIT cache-tag bltf09fd79c1a797378.entries,bltf09fd79c1a797378.entries.search_top_card,bltf09fd79c1a797378.entries.search_top_card.en-us,bltf09fd79c1a797378.entries.en-us,bltf09fd79c1a797378.entries.production,bltf09fd79c1a797378.entries.search_top_card.production,bltf09fd79c1a797378.entries.search_top_card.en-us.production,bltf09fd79c1a797378.entries.en-us.production content-length 18505 x-served-by cache-bfi-krnt7300056-BFI, cache-yul1970050-YUL x-cs-includedepth 1 x-runtime 25 x-cs-includecount 1 server contentstack x-timer S1722392587.526561,VS0,VE1 x-contentstack-organization blt6bc90733d5b1ed8b vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * accept-ranges bytes x-cache-hits 27, 0
GET BLOB	200 OK	d943d6ab-dfc4-4f3c-ae8e-065b3db6a0d7 https://www.getty.edu/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.getty.edu/d943d6ab-dfc4-4f3c-ae8e-065b3db6a0d7 Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/250a2ff7/www-widgetapi.vflset/	31 KB 11 KB	34ms 33ms	Script text/javascript	2607:f8b0:4004:c1d::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/250a2ff7/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:16:45 GMT content-encoding br x-content-type-options nosniff age 381 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10518 x-xss-protection 0 last-modified Mon, 29 Jul 2024 04:18:07 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 31 Jul 2025 02:16:45 GMT
GET H2	200	/ Show response cdn.contentstack.io/v3/content_types/getty_location/entries/	6 KB 2 KB	20ms 20ms	Fetch application/json	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.contentstack.io/v3/content_types/getty_location/entries/?include_content_type=true&include_count=true&include[]=open_hours&except[BASE][]=_in_progress&except[BASE][]=_version&except[BASE][]=ACL&except[BASE][]=created_at&except[BASE][]=created_by&except[BASE][]=updated_at&except[BASE][]=updated_by&limit=10000&skip=0&environment=production Requested by Host: www.getty.edu URL: https://www.getty.edu/_nuxt/vendors/app.0b9fa31.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash cd49758f91b7c8eec6a506274a744122db49750cb84284526e00ec7b43289c78 Request headers X-User-Agent contentstack-web/3.15.3 Referer https://www.getty.edu/ access_token cs72d8a415f26a7c6c37c942d5 api_key bltf09fd79c1a797378 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Wed, 31 Jul 2024 02:23:06 GMT x-cluster accelerate01 content-encoding gzip via 1.1 varnish, 1.1 varnish age 10465 x-cache HIT, HIT cache-tag bltf09fd79c1a797378.entries,bltf09fd79c1a797378.entries.getty_location,bltf09fd79c1a797378.entries.getty_location.en-us,bltf09fd79c1a797378.entries.en-us,bltf09fd79c1a797378.entries.production,bltf09fd79c1a797378.entries.getty_location.production,bltf09fd79c1a797378.entries.getty_location.en-us.production,bltf09fd79c1a797378.entries.en-us.production content-length 1680 x-served-by cache-bfi-krnt7300104-BFI, cache-yul1970050-YUL x-cs-includedepth 1 x-runtime 7 x-cs-includecount 1 server contentstack x-timer S1722392587.686096,VS0,VE0 x-contentstack-organization blt6bc90733d5b1ed8b vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * accept-ranges bytes x-cache-hits 25, 2
OPTIONS H2	200	/ cdn.contentstack.io/v3/content_types/getty_location/entries/ Frame	0 0	19ms 19ms	Preflight	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.contentstack.io/v3/content_types/getty_location/entries/?include_content_type=true&include_count=true&include[]=open_hours&except[BASE][]=_in_progress&except[BASE][]=_version&except[BASE][]=ACL&except[BASE][]=created_at&except[BASE][]=created_by&except[BASE][]=updated_at&except[BASE][]=updated_by&limit=10000&skip=0&environment=production Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash Request headers Accept */* Access-Control-Request-Headers access_token,api_key,content-type,x-user-agent Access-Control-Request-Method GET Origin https://www.getty.edu Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers access_token,api_key,content-type,x-user-agent access-control-allow-methods GET, HEAD, PUT, POST, DELETE, OPTIONS, PATCH access-control-allow-origin * access-control-expose-headers access_token,api_key,content-type age 127 content-length 0 date Wed, 31 Jul 2024 02:23:06 GMT server contentstack via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-cache-hits 924, 86 x-keda-http-cold-start false x-request-id a2686534-1ebc-4a92-8c16-166337bec946 x-runtime 0ms x-served-by cache-bur-kbur8200178-BUR, cache-yul1970050-YUL x-timer S1722392587.666346,VS0,VE0
GET H2	200	js Show response www.googletagmanager.com/gtag/	329 KB 106 KB	61ms 60ms	Script application/javascript	2607:f8b0:4004:c1b::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2R5HXNY7WQ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDC63K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0b46958f252606d2a4ffc93ff7c924f9e070c0c04367259adac0ca0f6cbc0da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108783 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 31 Jul 2024 02:23:06 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	116ms 32ms	Script application/javascript	146.75.28.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDC63K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT content-encoding gzip last-modified Fri, 15 Mar 2024 03:07:08 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip" vary Accept-Encoding,Host x-cache HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000157-IAD
GET H2	200	scevent.min.js Show response sc-static.net/	49 KB 21 KB	114ms 66ms	Script application/javascript	3.163.245.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDC63K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.163.245.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash dc242f2acb69deaa2c17cce616c89430cd666771b2e8303465bbfdc340d39663 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT content-encoding gzip via 1.1 72620161c44640062c801bfda3ae46f2.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop YUL62-P2 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 21227 x-amz-cf-id FyJR7sxVVJEF5gYTM2T0XFoRcdbJRjRjemN-hpnrmFiOIkOJO7J9bA==
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	108ms 34ms	Script application/javascript	2600:1408:ec00:1e::1735:23ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDC63K Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1408:ec00:1e::1735:23ea Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 28 Jul 2024 07:35:22 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=50963 accept-ranges bytes content-length 14597
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	224 KB 60 KB	100ms 33ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 31 Jul 2024 02:23:06 GMT document-policy force-load-at-top x-fb-server-load 32 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58677 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=30, rtx=0, c=12, mss=1297, tbw=2775, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug eSlqA/8PSwM31k8O1a+4XYref1RR5IBmfdE0zclzsRhW00J6SH/FqcMyF7A3EMFmPkOUJAdh0gdKx/tKM1DKeA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	50 KB 22 KB	101ms 31ms	Script application/javascript	2620:100:a00b::a AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=108236 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDC63K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 8330ed1979996869b3a4bd58faf70627e4f13f2a251d525fe1ff3a63009c6709 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:05 GMT content-encoding br strict-transport-security max-age=31536000; preload; server Kestrel vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public,max-age=10800 cross-origin-resource-policy cross-origin timing-allow-origin *
OPTIONS H2	200	/ cdn.contentstack.io/v3/content_types/page_404/entries/ Frame	0 0	19ms 19ms	Preflight	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.contentstack.io/v3/content_types/page_404/entries/?include_content_type=true&include_count=true&include[]=image&except[BASE][]=_in_progress&except[BASE][]=_version&except[BASE][]=ACL&except[BASE][]=created_at&except[BASE][]=created_by&except[BASE][]=updated_at&except[BASE][]=updated_by&limit=10000&skip=0&environment=production Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash Request headers Accept */* Access-Control-Request-Headers access_token,api_key,content-type,x-user-agent Access-Control-Request-Method GET Origin https://www.getty.edu Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers access_token,api_key,content-type,x-user-agent access-control-allow-methods GET, HEAD, PUT, POST, DELETE, OPTIONS, PATCH access-control-allow-origin * access-control-expose-headers access_token,api_key,content-type age 127 content-length 0 date Wed, 31 Jul 2024 02:23:06 GMT server contentstack via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-cache-hits 924, 87 x-keda-http-cold-start false x-request-id a2686534-1ebc-4a92-8c16-166337bec946 x-runtime 0ms x-served-by cache-bur-kbur8200178-BUR, cache-yul1970050-YUL x-timer S1722392587.720453,VS0,VE0
GET H2	200	/ Show response cdn.contentstack.io/v3/content_types/page_404/entries/	4 KB 2 KB	86ms 86ms	Fetch application/json	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.contentstack.io/v3/content_types/page_404/entries/?include_content_type=true&include_count=true&include[]=image&except[BASE][]=_in_progress&except[BASE][]=_version&except[BASE][]=ACL&except[BASE][]=created_at&except[BASE][]=created_by&except[BASE][]=updated_at&except[BASE][]=updated_by&limit=10000&skip=0&environment=production Requested by Host: www.getty.edu URL: https://www.getty.edu/_nuxt/vendors/app.0b9fa31.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash 52de9720410a5454c5dfbd0d158bc1811e0ab2ec7592b51eb77d8131e9887893 Request headers X-User-Agent contentstack-web/3.15.3 Referer https://www.getty.edu/ access_token cs72d8a415f26a7c6c37c942d5 api_key bltf09fd79c1a797378 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Wed, 31 Jul 2024 02:23:06 GMT x-cluster accelerate01 content-encoding gzip via 1.1 varnish, 1.1 varnish x-cache HIT, MISS cache-tag bltf09fd79c1a797378.entries,bltf09fd79c1a797378.entries.page_404,bltf09fd79c1a797378.entries.page_404.en-us,bltf09fd79c1a797378.entries.en-us,bltf09fd79c1a797378.entries.production,bltf09fd79c1a797378.entries.page_404.production,bltf09fd79c1a797378.entries.page_404.en-us.production,bltf09fd79c1a797378.entries.en-us.production content-length 1280 x-served-by cache-bfi-kbfi7400034-BFI, cache-yul1970050-YUL x-cs-includedepth 1 x-runtime 6 x-cs-includecount 1 server contentstack x-timer S1722392587.742159,VS0,VE65 x-contentstack-organization blt6bc90733d5b1ed8b vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * accept-ranges bytes x-cache-hits 7, 0
GET DATA	200 OK	truncated /	35 KB 35 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0cefa819ab4bb08956d2938691bb1a8cbf9fca82ed66f7c306eec22cd7f5cdcc Request headers Referer Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	40 KB 40 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 042965d1313e67a0d00c23b89d896deba612c596b470546323964a6d13b31207 Request headers Referer Origin https://www.getty.edu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type font/woff2
GET H2	200	default.jpg media.getty.edu/iiif/image/419d4e47-23e5-4031-92cf-b196f5590113/square/200,/0/	29 KB 29 KB	122ms 38ms	Image image/jpeg	3.162.125.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.getty.edu/iiif/image/419d4e47-23e5-4031-92cf-b196f5590113/square/200,/0/default.jpg Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-105.iad61.r.cloudfront.net Software / IIPImage Resource Hash b2b47789eb813ba17bd0747ddd22221f1209486ed95ef2b11b4d786c5f76c368 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains via 1.1 varnish (Varnish/6.5), 1.1 8917feb7a0623473126b94dc50f359fa.cloudfront.net (CloudFront) date Wed, 31 Jul 2024 02:01:13 GMT x-amz-cf-pop IAD61-P3 age 1313 x-powered-by IIPImage x-cache Hit from cloudfront content-disposition inline;filename="419d4e47-23e5-4031-92cf-b196f5590113.jpg" content-length 29620 last-modified Thu, 23 Sep 2021 18:05:33 GMT vary Accept-Encoding x-varnish 26644809 24065048 access-control-allow-origin * content-type image/jpeg cache-control max-age=1800 accept-ranges bytes x-amz-cf-id _IjgD9JJkSIzouNsPLQk0S_bquG0s97sEvQDGlEDr9PQbhX9NvUT3Q==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 817 B	124ms 76ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=3721860&time=1722392586890&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept * Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT content-encoding gzip x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 1D68621FDE2842B7934C1640C0E7D11A Ref B: YMQ01EDGE0513 Ref C: 2024-07-31T02:23:06Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-ltx1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYegcZPZqEEZH+HfvSh7w== x-fs-uuid 00061e81c64f66a104647f877ef4a1ef
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&e_ip...	0 267 B	156ms 103ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&e_ipv6=AQJKdZ40HU042wAAAZEGmSr0u-ZBL9hlA7U90DgqBhQ0_MR6ra6FI_3ZwTehQcmHNjUriemj Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 1D989FABD6264EAFBD0B7BCB8B739CA9 Ref B: YMQ01EDGE0605 Ref C: 2024-07-31T02:23:07Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYegcZSFzJFlmzk64MQgg== Redirect headers date Wed, 31 Jul 2024 02:23:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 68AE3DD4510C4209BBB350E4DF05C50B Ref B: YMQ01EDGE0321 Ref C: 2024-07-31T02:23:06Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&e_ipv6=AQJKdZ40HU042wAAAZEGmSr0u-ZBL9hlA7U90DgqBhQ0_MR6ra6FI_3ZwTehQcmHNjUriemj x-li-proto http/2 content-length 0 x-li-uuid AAYegcZPrsM0W+uJPQoTmg==
GET H2	200	adsct t.co/i/	43 B 376 B	179ms 82ms	Image image/gif	72.21.81.130 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=65d62121-ebe6-4ab1-ac9c-986258782f34&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=07be528b-6f41-4229-bf53-73a3dfbe8fd5&tw_document_href=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o49uw&type=javascript&version=2.3.30 Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.21.81.130 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-response-time 6 date Wed, 31 Jul 2024 02:23:06 GMT strict-transport-security max-age=0 server tsa_b content-type image/gif;charset=utf-8 x-transaction-id 11f9e4623abb00f6 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 0463ce5edfb01185f8fa5f8371915c39c55bbb097d40fb9d4ec11137ebb4f5db content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 391 B	211ms 61ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=65d62121-ebe6-4ab1-ac9c-986258782f34&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=07be528b-6f41-4229-bf53-73a3dfbe8fd5&tw_document_href=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o49uw&type=javascript&version=2.3.30 Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-response-time 5 date Wed, 31 Jul 2024 02:23:06 GMT strict-transport-security max-age=631138519 server tsa_b content-type image/gif;charset=utf-8 x-transaction-id c0b03468214180d0 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash ccbccb792d11b09347dc7a06ae8bb9dc5d1fba8cc28f352afe1d753aaf174913 content-length 43
GET		available archive.org/wayback/	0 0
GET H2	200	syncframe gum.criteo.com/ Frame AF8F	0 0	101ms 35ms	Document text/html	2620:100:a00b::12 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=www.getty.edu&origin=onetag Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=108236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.getty.edu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 31 Jul 2024 02:23:06 GMT server Kestrel server-processing-duration-in-ticks 389723 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET H2	200	a9f70486-5d3e-4485-9a38-813ba8b0868b.json Show response tr.snapchat.com/config/edu/	100 B 398 B	229ms 120ms	Fetch application/json	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/edu/a9f70486-5d3e-4485-9a38-813ba8b0868b.json?v=3.24.0-2407292126 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers accept application/json Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google, 1.1 google server API Gateway observe-browsing-topics ?1 content-type application/json access-control-allow-origin https://www.getty.edu x-envoy-upstream-service-time 56 access-control-allow-credentials true alt-svc clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100
GET H2	200	i tr.snapchat.com/cm/ Frame 5272	0 0	172ms 73ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=a9f70486-5d3e-4485-9a38-813ba8b0868b&u_scsid=a0ee2cbd-98f8-4a8f-967d-b6dd0ac6213c&u_sclid=a1073bb9-a2a0-4dcf-a586-c2d2be7208d7 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://www.getty.edu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 672 content-type text/html date Wed, 31 Jul 2024 02:23:07 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google, 1.1 google x-envoy-upstream-service-time 0
GET H2	200	p tr.snapchat.com/	68 B 458 B	177ms 71ms	Image image/png	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.snapchat.com/p?pid=a9f70486-5d3e-4485-9a38-813ba8b0868b&ev=PAGE_VIEW&intg=gtm&pids=a9f70486-5d3e-4485-9a38-813ba8b0868b&u_c1=8b9f5ae4-095f-41ae-9b76-ce4a5ffc17c1&cdid=%40-10813eec-0daf-460d-b04c-9e12e5e9d147&u_sclid=a1073bb9-a2a0-4dcf-a586-c2d2be7208d7&u_scsid=a0ee2cbd-98f8-4a8f-967d-b6dd0ac6213c&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=2298&m_pi=788&m_pl=0&m_pv=2&m_rd=2789&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&trackId=abc787c5-fbf2-4d7c-b91d-c6aa9966475c&ts=1722392586926&v=3.24.0-2407292126 Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google, 1.1 google server API Gateway content-type image/png access-control-allow-origin * cache-control no-cache, no-transform x-envoy-upstream-service-time 1 alt-svc clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68
GET H2	200	174834703226630 Show response connect.facebook.net/signals/config/	73 KB 15 KB	34ms 33ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/174834703226630?v=2.9.162&r=stable&domain=www.getty.edu&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f6364a7b55b6e43e9c8d10fb847b3bf3bc6aaded2c3cd27126425eb373b3a845 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 31 Jul 2024 02:23:06 GMT document-policy force-load-at-top x-fb-server-load 31 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 14723 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=36, rtx=0, c=64, mss=1297, tbw=64180, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug inw9fzDcXoNLDlnYqsiY1Pq+jgxt08z+lPxa+LSDBC9D2uF7wqRCmgFVcAij/Q9uIgmoWaZMr5UmhbF3FjZ4PA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 0	127ms 41ms	Fetch text/plain	2607:f8b0:400d:c09::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-2R5HXNY7WQ&gtm=45je47t0v880580437z877416333za200zb77416333&_p=1722392586223&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1327147574.1722392587&ecid=703576841&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1722392586&sct=1&seg=0&dl=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&dt=Page%20Not%20Found&en=page_view&_fv=2&_nsi=1&_ss=1&ep.content_group=GRI&tfd=2878 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2R5HXNY7WQ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c09::66 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.getty.edu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 244 B	128ms 41ms	Ping text/plain	2607:f8b0:400d:c04::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2R5HXNY7WQ&cid=1327147574.1722392587&gtm=45je47t0v880580437z877416333za200zb77416333&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2R5HXNY7WQ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.getty.edu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 0	125ms 40ms	Fetch text/plain	2607:f8b0:400d:c09::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-2R5HXNY7WQ&gtm=45je47t0v880580437z877416333za200zb77416333&_p=1722392586223&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1327147574.1722392587&ecid=703576841&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAC&_s=2&sid=1722392586&sct=1&seg=1&dl=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&dt=Page%20Not%20Found&en=page_view&ep.content_group=GRI&_et=1&tfd=2880 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2R5HXNY7WQ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c09::66 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.getty.edu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	468ms 429ms	Image image/gif	142.251.179.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2R5HXNY7WQ&cid=1327147574.1722392587&gtm=45je47t0v880580437z877416333za200zb77416333&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=448271864 Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	103ms 32ms	Image text/plain	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=174834703226630&ev=PageView&dl=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&rl=&if=false&ts=1722392587033&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722392587031.495294939661967978&cs_est=true&ler=empty&cdl=API_unavailable&it=1722392586944&coo=false&rqm=GET Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 31 Jul 2024 02:23:07 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	343ms 272ms	Image image/png	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=174834703226630&ev=PageView&dl=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&rl=&if=false&ts=1722392587033&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722392587031.495294939661967978&cs_est=true&ler=empty&cdl=API_unavailable&it=1722392586944&coo=false&rqm=FGET Requested by Host: www.getty.edu URL: https://www.getty.edu/museum/research/provenance/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6f10704da8b3a5e6","source_keys":["1","2"]},{"key_piece":"0xeb5cd180b26a3f76","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:25097904323133936","24:6237457626277400","7830:25097904323133936","7830:6237457626277400","10853:25097904323133936","10853:6237457626277400","41:25097904323133936","41:6237457626277400","8046:25097904323133936","8046:6237457626277400"]},"debug_reporting":true,"debug_key":"1"} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Wed, 31 Jul 2024 02:23:07 GMT x-fb-server-load 23 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397619832287342527", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1297, tbw=3100, tp=-1, tpl=-1, uplat=239, ullat=0 pragma no-cache x-fb-debug 51Gx4LBPZSj3hDGDxzEc68vpX2YZndW2KfU2SnkBB/3DjElE5g8q3DbAFBHytPa8LgzKxLKI+7o2cOf5y6Ietg== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397619832287342527"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397619832287342527"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	event Show response sslwidget.criteo.com/	10 KB 4 KB	112ms 43ms	Script application/x-javascript	74.119.117.16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://sslwidget.criteo.com/event?a=108236&v=5.26.1&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvp%26p%3D1&p5=e%3Ddis&adce=1&bundle=V6UxJF80UU5kSVQzSCUyRk51QlVLJTJCSE1EOFV3MUl3MXNrVEZRZUluWldRUWdQTlJYakxDUDMzajAxdTElMkJMVHRkNWl5NzhEN2tlaDRoMmZHRTVhZ0wlMkZxSGh5SFBGYkE1cVJxdTdOemd2MG9wVyUyRkMlMkJ6VUNwM05nd1BJalhqb3ZLYUl3c0dUT0xjWVlZTWpvbUZnQ0g1WGNqSiUyRkFVQSUzRCUzRA&sc=%7B%22fbp%22%3A%22fb.1.1722392587031.495294939661967978%22%7D&tld=getty.edu&dy=1&fu=https%253A%252F%252Fwww.getty.edu%252Fmuseum%252Fresearch%252Fprovenance%252F&ceid=ff37caa7-aabc-4e86-8b26-d76ddef8210d Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=108236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash b12d391a849d43216af880e614ac4a9c7764c4e5acfef809c5e61effb15619cc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:06 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 10199952 timing-allow-origin * expires 0
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 195 B	131ms 129ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 31 Jul 2024 02:23:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: C72A0B9818E04AD981D5541590D5E16E Ref B: YMQ01EDGE0321 Ref C: 2024-07-31T02:23:07Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.getty.edu x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYegcZT1uOLyvkHuWXOXg==
POST H2	200	p tr6.snapchat.com/	0 48 B	96ms 71ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 31 Jul 2024 02:23:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0 via 1.1 google, 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	p tr.snapchat.com/	0 89 B	66ms 64ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.getty.edu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 31 Jul 2024 02:23:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google, 1.1 google server API Gateway access-control-allow-origin https://www.getty.edu x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame C597 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_cm&google_hm=ay1qU1ljTDRKT2VkZ3RjeE1mb2hvRjlIalRLcC1iMXJKT... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_cm=&google_hm=ay1qU1ljTDRKT2VkZ3RjeE1mb2hvRjlIalRLcC1iMXJ... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_gid=CAESEHb9sX97vlfEPpz9KuRFMNA&google_cver=1&google_ula=913071,0	43 B 370 B	34ms 34ms	Image image/gif	74.119.117.16 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_gid=CAESEHb9sX97vlfEPpz9KuRFMNA&google_cver=1&google_ula=913071,0 Protocol H2 Server 74.119.117.16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:06 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1453981 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_gid=CAESEHb9sX97vlfEPpz9KuRFMNA&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Frame C597 Redirect Chain https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30	43 B 510 B	46ms 46ms	Image image/gif	35.211.178.172 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30 Protocol HTTP/1.1 Server 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 172.178.211.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 31 Jul 2024 02:23:07 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30 Date Wed, 31 Jul 2024 02:23:07 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame C597 Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1264143055003058	43 B 370 B	35ms 34ms	Image image/gif	74.119.117.16 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1264143055003058 Protocol H2 Server 74.119.117.16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1728155 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT an-x-request-uuid 6560d04b-2d6a-4f71-bec5-8e003802d664 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1264143055003058 x-proxy-origin 167.114.209.103; 167.114.209.103; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	/ partner.mediawallahscript.com/ Frame C597 Redirect Chain https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&custom=&tag_format=img&tag_action=sync&custom=&cb=929c6696-c6a3-472d-9c50-9fbec3f... https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=929c6696-c6a3-472... https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1264143055003058&tag_format=img&tag_action=sync https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile... https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr... https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=7f17c75ab1195c614613c8eb2b66509b&tag_format=img&tag_action=sync&cb=47529185 https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=ee95b132-a258-4cba-8448-6ee34dde72da&tag_format=img&tag_action=sync&cb= https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d&cb=1722392588155&rmn=y&redirect=https%3A%2F%2Fpartner.me... https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=a3c45797-c821-478f-8475-2f581ecf35d1&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1722392588155 https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=d372bef0-4ee3-11ef-852c-b3948ba04f6d	0 406 B	35ms 34ms	Image text/plain	34.207.3.5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=d372bef0-4ee3-11ef-852c-b3948ba04f6d Protocol H2 Server 34.207.3.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-3-5.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers expires Sat, 26 Jul 1997 05:00:00 GMT date Wed, 31 Jul 2024 02:23:08 GMT cache-control private, no-cache, must-revalidate, no-store, max-age=0 server nginx p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers location https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=d372bef0-4ee3-11ef-852c-b3948ba04f6d date Wed, 31 Jul 2024 02:23:08 GMT strict-transport-security max-age=31536000 cross-origin-resource-policy cross-origin content-length 0
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame C597	43 B 688 B	264ms 33ms	Image image/gif	23.105.12.120 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-TfwSoIJOedgtcxMfohoF9HjTKp-JspAwqXXkjg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT cache-control no-cache,no-store transfer-encoding chunked content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C597	0 375 B	119ms 36ms	Image text/plain	141.226.124.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-aita6oJOedgtcxMfohoF9HjTKp81nPB_s7dQ-g Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:07 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 34167
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame C597	49 B 342 B	149ms 27ms	Image image/gif	195.244.31.10 IGUANA-WORLDWIDE
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-vm_uw4JOedgtcxMfohoF9HjTKp-xUvgKpE1LOw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US), Reverse DNS Software ayl-lb-usa02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT x-content-type-options nosniff server ayl-lb-usa02 vary Accept-Encoding p3p CP="CAO PSA OUR" content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 content-length 49 expires 0
GET H2	200	sync tags.bluekai.com/site/29001/ Frame C597 Redirect Chain https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=-JcSESBlKWIm8SVXrAUkkTns_y6dXPzC	62 B 583 B	184ms 109ms	Image image/gif	23.210.0.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=-JcSESBlKWIm8SVXrAUkkTns_y6dXPzC Protocol H2 Server 23.210.0.209 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-0-209.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type image/gif x-request-id ffc2a808eb4af21d29584689bbdc40a9 date Wed, 31 Jul 2024 02:23:07 GMT content-length 62 bk-server b87d p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Redirect headers location https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=-JcSESBlKWIm8SVXrAUkkTns_y6dXPzC date Wed, 31 Jul 2024 02:23:07 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 653530 content-length 0
GET H3	200	rum r.casalemedia.com/ Frame C597 Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow&C=1	43 B 723 B	53ms 53ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow&C=1 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTmb540nO9792nEAv0wyPwD%2F3fW3tLGX10FxLHKA0tpcXM4BEFP9auCS%2BA3KhsULTFt3FCpky%2BSmQ1Jl63qjqqMKK2Qj1wfY4%2BiJCcuvq12iLXManXNv4YPvn9zjG%2Byxkdh3"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8aba1fe91d2136fd-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJwNYpfvjDLVTG2cHFiyIFwwUofE26sD%2B3rhR9s50C9IFvLRrxtX%2FT9jcz%2BK%2BOBxidVsTZTYuPHJNJrBRhwc8dSXbNZqJL6VWly95dT8ZYsKcfvMKMX%2Bb1Q04TCaOccRMNcN"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow&C=1 cache-control no-cache cf-ray 8aba1fe8bcb736fd-YYZ alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H/1.1	200	user-registering ads.stickyadstv.com/ Frame C597	43 B 664 B	141ms 34ms	Image image/gif	63.251.28.230 FREEWHEEL
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-jgiuEoJOedgtcxMfohoF9HjTKp8KyEa4Ot0JzA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Wed, 31 Jul 2024 02:23:07 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1722392587699064-1165
GET H2	200	match ad.360yield.com/ul_cb/ Frame C597 Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw	43 B 446 B	39ms 37ms	Image image/gif	34.193.146.118 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw Protocol H2 Server 34.193.146.118 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-146-118.compute-1.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * date Wed, 31 Jul 2024 02:23:07 GMT p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw access-control-allow-origin * date Wed, 31 Jul 2024 02:23:07 GMT p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 0 content-type text/plain
GET H/1.1	200 OK	52164 i6.liadm.com/s/ Frame C597 Redirect Chain https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-HQyfvIJOedgtcxMfohoF9HjTKp_sNaOrlL43dQ https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-HQyfvIJOedgtcxMfohoF9HjTKp_sNaOrlL43dQ&_li_chk=true&previous_uuid=860f1ca8fae845e6a567468208e923af https://x.bidswitch.net/sync?ssp=liveintent&user_id=860f1ca8-fae8-45e6-a567-468208e923af https://match.deepintent.com/usersync/129/store?id=&ext1=liveintent&ext2=b28fc182-2c65-4a20-98b3-39641a9ead1e https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_3393708cfff6464b89058&ssp=liveintent&bsw_param=b28fc182-2c65-4a20-98b3-39641a9ead1e https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e	43 B 548 B	174ms 40ms	Image image/gif	2600:1f18:ed:550a:85cb:ead1:1860:f306 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e Protocol HTTP/1.1 Server 2600:1f18:ed:550a:85cb:ead1:1860:f306 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 31 Jul 2024 02:23:08 GMT Cache-Control no-store Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 43 Request-Time 0 Content-Type image/gif Redirect headers Location https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e Date Wed, 31 Jul 2024 02:23:08 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 1
GET H2	200	cksync.php contextual.media.net/ Frame C597	60 B 815 B	177ms 92ms	Image image/gif	23.48.8.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-6ni11YJOedgtcxMfohoF9HjTKp-7DYitfDxzeA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-48-8-28.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Wed, 31 Jul 2024 02:23:07 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 60 x-mnet-hl2 E expires Wed, 31 Jul 2024 02:23:07 GMT
GET H2	200	push exchange.mediavine.com/usersync/ Frame C597	0 968 B	107ms 35ms	Image text/html	54.243.111.131 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-4MAWR4JOedgtcxMfohoF9HjTKp9ww_DHDwzWuQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.243.111.131 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-243-111-131.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:07 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	c.gif c.bing.com/ Frame C597	42 B 689 B	112ms 43ms	Image image/gif	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-8QkAMoJOedgtcxMfohoF9HjTKp_04i7XQyzFbA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT last-modified Tue, 25 Jun 2024 19:54:30 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6C7449CEF3084E9CAED8E71DD566A2AD Ref B: YMQ01EDGE0317 Ref C: 2024-07-31T02:23:07Z etag "df9747e39c7da1:0" x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" content-type image/gif cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42
GET H2	200	1017 jadserve.postrelease.com/suid/ Frame C597	43 B 535 B	113ms 33ms	Image image/gif	34.192.193.130 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/suid/1017?vk=k-NkkQZYJOedgtcxMfohoF9HjTKp-oPcbOf_50ug Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.193.130 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-193-130.compute-1.amazonaws.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT server nginx content-type image/gif access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame C597	0 360 B	109ms 35ms	Image text/plain	70.42.32.159 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-I4i2oYJOedgtcxMfohoF9HjTKp_ktdy4xAGQ_w&initiator=partner Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:07 GMT cache-control no-cache strict-transport-security max-age=31536000; includeSubDomains; preload x-traceid 557295affb6280210848c5ade4b588f7 content-length 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame C597	42 B 581 B	105ms 34ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-zaZPxIJOedgtcxMfohoF9HjTKp95WTnYCHFRWg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Wed, 31 Jul 2024 02:23:07 GMT cache-control no-store, no-cache, private server nginx content-length 42 content-type image/gif; charset=utf-8
GET		pixel_sync trends.revcontent.com/cm/ Frame C597	0 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame C597	42 B 1 KB	138ms 36ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-GEbsWYJOedgtcxMfohoF9HjTKp_hxZduLPLMtQ&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Pragma no-cache Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 78008fe701b681dce86a72fc23cacc40 Expires 0
GET H2	200	v1 match.sharethrough.com/sync/ Frame C597	68 B 301 B	126ms 33ms	Image image/png	3.85.165.15 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-cBRBK4JOedgtcxMfohoF9HjTKp-_WPpUnWGMjw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.85.165.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-85-165-15.compute-1.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; cache-control no-cache content-length 68 content-type image/png
GET H2	204	/ s.ad.smaato.net/c/ Frame C597	0 381 B	109ms 51ms	Image text/plain	2600:9000:2209:ac00:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-C4RvhYJOedgtcxMfohoF9HjTKp_m1Tq8mhpo_g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:ac00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:08 GMT cache-control no-cache, must-revalidate via 1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop EWR53-P1 x-amz-cf-id g-bGmQsjYLCiZdCUmnWpBdYVyrvmSK1g9wRrC30cWF5DWAWYDog7Gg== x-cache Miss from cloudfront
GET H2	200	um criteo-sync.teads.tv/ Frame C597	23 B 278 B	138ms 36ms	Image image/gif	23.222.197.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-WB8-C4JOedgtcxMfohoF9HjTKp_JyKH47DZP0Q Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-222-197-151.deploy.static.akamaitechnologies.com Software pekko-http/1.0.1 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 31 Jul 2024 02:23:08 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.1 content-length 23 expires Wed, 31 Jul 2024 02:23:08 GMT
GET H2	200	sync criteo-partners.tremorhub.com/ Frame C597	43 B 399 B	176ms 38ms	Image image/gif	2600:1f18:612b:4232:5012:c2ca:70d1:c09 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-SNty9YJOedgtcxMfohoF9HjTKp_rO_CHmyG1zA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4232:5012:c2ca:70d1:c09 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type image/gif date Wed, 31 Jul 2024 02:23:08 GMT server nginx p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
GET H2	200	sync.htm ade.clmbtech.com/uid/ Frame C597	68 B 259 B	352ms 248ms	Image image/jpeg	2600:1408:ec00:13::1730:6833 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-kIfdNIJOedgtcxMfohoF9HjTKp_fqCnWUbfDrw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1408:ec00:13::1730:6833 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Bhoot / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Security Headers Name Value Strict-Transport-Security max-age=25920000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=25920000; includeSubdomains date Wed, 31 Jul 2024 02:23:08 GMT x-content-type-options nosniff server Bhoot x-frame-options sameorigin content-type image/jpeg x-upstream 172.29.17.245:80 content-length 68 x-xss-protection 1; mode=block
GET H2	200	xuid eb2.3lift.com/ Frame C597 Redirect Chain https://eb2.3lift.com/xuid?mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=	37 B 474 B	35ms 35ms	Image image/gif	52.223.22.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b&gdpr=0&cmp_cs=&us_privacy= Protocol H2 Server 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" date Wed, 31 Jul 2024 02:23:08 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers location /xuid?ld=1&mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b&gdpr=0&cmp_cs=&us_privacy= date Wed, 31 Jul 2024 02:23:08 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H3	200	1x1.png cdn.aralego.net/img/ Frame C597 Redirect Chain https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-4RcxDIJOedgtcxMfohoF9HjTKp9mW91Pzl7r4Q https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OGIxMWI4MGUtYTgyZS0zMDM1LThmMmMtZWY3NTYyMjJlNjhh&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png https://cdn.aralego.net/img/1x1.png	68 B 599 B	75ms 40ms	Image image/png	172.67.71.254 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.aralego.net/img/1x1.png Protocol H3 Server 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10138 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 68 cf-bgj imgq:85,h2pri last-modified Wed, 12 Jun 2019 06:09:43 GMT server cloudflare etag "5d009727-44" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsEqcRDCq6ny1O1gOFXg25FO6l9GDjjA0SCBupGUM6NCjH4XwGAHrJASnLV9Az6uvNqn4pKseDSIuKWT9I3h8Lmm4qLlIfrmCx7crwzJcyzziRXQRGEfbckI37sqTZrXLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 8aba1fec8c5836cf-YYZ Redirect headers pragma no-cache date Wed, 31 Jul 2024 02:23:08 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cdn.aralego.net/img/1x1.png p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 232 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync sync-criteo.ads.yieldmo.com/ Frame C597	43 B 621 B	190ms 33ms	Image image/gif	44.208.93.210 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync-criteo.ads.yieldmo.com/sync?id=k-1WDa74JOedgtcxMfohoF9HjTKp-ZqhcEKm9ZKw&pn_id=criteo&ext=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.208.93.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-208-93-210.compute-1.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:08 GMT accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile access-control-allow-methods POST, GET, OPTIONS content-type image/gif;charset=utf-8 access-control-allow-origin * access-control-allow-headers Cache-Control, Pragma, * content-length 43
GET H2	200	favicon.ico www.getty.edu/	7 KB 8 KB	325ms 325ms	Other image/vnd.microsoft.icon	108.139.47.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.getty.edu/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-8.jfk50.r.cloudfront.net Software / Resource Hash e88cd5b705c6c66f97553fcc959e9c73f7ecf55eb5151c9e9e78c16807368040 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.getty.edu/museum/research/provenance/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 02:23:07 GMT x-amz-version-id BcpWhUBAQW5LzGmwL.VZqf83vIH_amHm via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 31 Jul 2024 00:22:53 GMT x-amz-cf-pop JFK50-P1 etag "b585f713807f95e7196326331ea89e87" x-cache Miss from cloudfront content-type image/vnd.microsoft.icon cache-control no-cache content-length 7406 x-amz-cf-id M7yoxDU0eTWQehBpbJNq15g0o0zHVV1jwdRe6L0kNJdeOdoicE6psw==
GET H2	200	setuid ib.adnxs.com/ Frame C597	43 B 1 KB	29ms 29ms	Image image/gif	68.67.179.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=52&code=k-rfa7t4JOedgtcxMfohoF9HjTKp9PsXdqDlHwRQ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 02:23:07 GMT an-x-request-uuid 010de796-1dbc-44c0-b5e7-545ec59213b5 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 167.114.209.103; 167.114.209.103; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame C597 Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu	42 B 716 B	36ms 36ms	Image image/gif	52.23.65.135 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu Protocol H2 Server 52.23.65.135 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-23-65-135.compute-1.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers dcs dcs-prod-va6-2-v062-0c3d1fc05.edge-va6.demdex.com 2 ms pragma no-cache date Wed, 31 Jul 2024 02:23:08 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid DwVcQLHgTIE= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-va6-1-v062-0c5d64612.edge-va6.demdex.com 1 ms pragma no-cache date Wed, 31 Jul 2024 02:23:08 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid x353WxTFTrA= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

archive.org

URL

https://archive.org/wayback/available?url=https:/www.getty.edu/museum/research/provenance/

Domain

trends.revcontent.com

URL

https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ISJOOIJOedgtcxMfohoF9HjTKp-y_vpsWkQlfg