www.getty.edu
Open in
urlscan Pro
108.139.47.8
Public Scan
Effective URL: https://www.getty.edu/museum/research/provenance/
Submission: On July 31 via api from US — Scanned from CA
Summary
TLS certificate: Issued by InCommon RSA Server CA 2 on July 1st 2024. Valid for: a year.
This is the only time www.getty.edu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-8.jfk50.r.cloudfront.net
www.getty.edu |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-105.iad61.r.cloudfront.net
media.getty.edu |
ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com | |
tr6.snapchat.com |
ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net
www.google.ca |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: qv-in-f157.1e100.net
cm.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net |
ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com | |
secure.adnxs.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-3-5.compute-1.amazonaws.com
partner.mediawallahscript.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-203-136.compute-1.amazonaws.com
sync.crwdcntrl.net |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-96-154.compute-1.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com |
ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-0-209.deploy.static.akamaitechnologies.com
tags.bluekai.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-146-118.compute-1.amazonaws.com
ad.360yield.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-195-43.compute-1.amazonaws.com
i.liadm.com |
ASN14618 (AMAZON-AES, US)
i6.liadm.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-48-8-28.deploy.static.akamaitechnologies.com
contextual.media.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-111-131.compute-1.amazonaws.com
exchange.mediavine.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-193-130.compute-1.amazonaws.com
jadserve.postrelease.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-165-15.compute-1.amazonaws.com
match.sharethrough.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv |
ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com |
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-93-210.compute-1.amazonaws.com
sync-criteo.ads.yieldmo.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-65-135.compute-1.amazonaws.com
dpm.demdex.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
getty.edu
1 redirects
www.getty.edu — Cisco Umbrella Rank: 460546 media.getty.edu — Cisco Umbrella Rank: 583929 |
2 MB |
7 |
mediawallahscript.com
6 redirects
partner.mediawallahscript.com — Cisco Umbrella Rank: 4768 |
6 KB |
7 |
criteo.com
2 redirects
dynamic.criteo.com — Cisco Umbrella Rank: 4315 gum.criteo.com — Cisco Umbrella Rank: 553 sslwidget.criteo.com — Cisco Umbrella Rank: 2867 dis.criteo.com — Cisco Umbrella Rank: 1058 |
28 KB |
6 |
contentstack.io
cdn.contentstack.io — Cisco Umbrella Rank: 43466 |
22 KB |
5 |
snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340 |
993 B |
4 |
liadm.com
3 redirects
i.liadm.com — Cisco Umbrella Rank: 937 i6.liadm.com — Cisco Umbrella Rank: 5739 |
2 KB |
4 |
adnxs.com
3 redirects
ib.adnxs.com — Cisco Umbrella Rank: 383 secure.adnxs.com — Cisco Umbrella Rank: 764 |
4 KB |
4 |
bidswitch.net
3 redirects
x.bidswitch.net — Cisco Umbrella Rank: 499 |
2 KB |
4 |
doubleclick.net
3 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 252 cm.g.doubleclick.net — Cisco Umbrella Rank: 363 |
2 KB |
4 |
linkedin.com
1 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330 |
2 KB |
2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 319 |
1 KB |
2 |
3lift.com
1 redirects
eb2.3lift.com — Cisco Umbrella Rank: 632 |
977 B |
2 |
360yield.com
1 redirects
ad.360yield.com — Cisco Umbrella Rank: 1075 |
874 B |
2 |
casalemedia.com
1 redirects
r.casalemedia.com — Cisco Umbrella Rank: 2947 |
2 KB |
2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 505 |
1 KB |
2 |
crwdcntrl.net
2 redirects
sync.crwdcntrl.net — Cisco Umbrella Rank: 1261 |
978 B |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 108 |
4 KB |
2 |
google.com
analytics.google.com — Cisco Umbrella Rank: 238 |
|
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 |
74 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
214 KB |
2 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 84 |
13 KB |
1 |
yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 4043 |
621 B |
1 |
aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8695 |
599 B |
1 |
aralego.com
1 redirects
sync.aralego.com — Cisco Umbrella Rank: 3944 |
502 B |
1 |
clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 3924 |
259 B |
1 |
tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3878 |
399 B |
1 |
teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3660 |
278 B |
1 |
smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1043 |
381 B |
1 |
sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 804 |
301 B |
1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555 |
1 KB |
1 |
pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1358 |
581 B |
1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1277 |
360 B |
1 |
postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1508 |
535 B |
1 |
bing.com
c.bing.com — Cisco Umbrella Rank: 341 |
689 B |
1 |
mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 2423 |
968 B |
1 |
media.net
contextual.media.net — Cisco Umbrella Rank: 1060 |
815 B |
1 |
deepintent.com
1 redirects
match.deepintent.com — Cisco Umbrella Rank: 1627 |
335 B |
1 |
stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 969 |
664 B |
1 |
bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1219 |
583 B |
1 |
omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1229 |
342 B |
1 |
taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 2447 |
375 B |
1 |
smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1072 |
688 B |
1 |
imrworldwide.com
1 redirects
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 10138 |
338 B |
1 |
rqtrk.eu
1 redirects
ws.rqtrk.eu — Cisco Umbrella Rank: 7394 |
411 B |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 9677 |
63 B |
1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1356 |
391 B |
1 |
t.co
t.co — Cisco Umbrella Rank: 979 |
376 B |
1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884 |
14 KB |
1 |
sc-static.net
sc-static.net — Cisco Umbrella Rank: 1413 |
21 KB |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1253 |
15 KB |
0 |
revcontent.com
Failed
trends.revcontent.com Failed |
|
0 |
archive.org
Failed
archive.org Failed |
|
73 | 52 |
This site contains links to these domains. Also see Links.
Domain |
---|
shop.getty.edu |
www.youtube.com |
jobs-getty.icims.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.tiktok.com |
goo.gl |
primo.getty.edu |
subscriptions.getty.edu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.getty.edu InCommon RSA Server CA 2 |
2024-07-01 - 2025-07-01 |
a year | crt.sh |
*.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.contentstack.io Gandi RSA Domain Validation Secure Server CA 3 |
2024-04-10 - 2025-05-04 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-06-25 - 2025-06-24 |
a year | crt.sh |
sc-static.net Amazon RSA 2048 M03 |
2023-12-21 - 2025-01-18 |
a year | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2023-12-13 - 2024-12-12 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-06-18 - 2024-09-17 |
3 months | crt.sh |
iiif.getty.edu InCommon RSA Server CA 2 |
2023-08-22 - 2024-08-21 |
a year | crt.sh |
www.linkedin.com DigiCert SHA2 Secure Server CA |
2024-07-01 - 2025-01-01 |
6 months | crt.sh |
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-05-08 - 2025-05-07 |
a year | crt.sh |
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-07 - 2024-11-05 |
a year | crt.sh |
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-23 - 2025-07-22 |
a year | crt.sh |
*.g.doubleclick.net WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.google.ca WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2024-01-17 - 2025-01-16 |
a year | crt.sh |
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2024-07-30 - 2024-12-31 |
5 months | crt.sh |
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA |
2024-07-02 - 2025-08-01 |
a year | crt.sh |
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-09 - 2025-02-08 |
a year | crt.sh |
*.media.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-21 - 2024-12-21 |
a year | crt.sh |
exchange.mediavine.com Amazon RSA 2048 M03 |
2024-03-05 - 2025-04-02 |
a year | crt.sh |
www.bing.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-06-19 - 2024-12-16 |
6 months | crt.sh |
*.postrelease.com Amazon RSA 2048 M02 |
2023-10-27 - 2024-11-23 |
a year | crt.sh |
*.outbrain.com Thawte TLS RSA CA G1 |
2023-11-20 - 2024-11-27 |
a year | crt.sh |
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-03-19 - 2025-04-19 |
a year | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-07-30 - 2025-04-03 |
8 months | crt.sh |
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2024-07-15 - 2025-08-15 |
a year | crt.sh |
s.ad.smaato.net Amazon RSA 2048 M03 |
2023-09-04 - 2024-10-02 |
a year | crt.sh |
teads.tv R10 |
2024-06-11 - 2024-09-09 |
3 months | crt.sh |
*.tremorhub.com Amazon RSA 2048 M03 |
2024-01-24 - 2025-02-21 |
a year | crt.sh |
colombiaonline.com R11 |
2024-06-28 - 2024-09-26 |
3 months | crt.sh |
*.ads.yieldmo.com Amazon RSA 2048 M02 |
2024-02-24 - 2025-03-23 |
a year | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2024-02-14 - 2025-03-16 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.getty.edu/museum/research/provenance/
Frame ID: 295B2E893B44C2A4CDB12F6994F76CDB
Requests: 41 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=www.getty.edu&origin=onetag
Frame ID: AF8FA3F5FAD9955E35AADC80622D89EA
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=a9f70486-5d3e-4485-9a38-813ba8b0868b&u_scsid=a0ee2cbd-98f8-4a8f-967d-b6dd0ac6213c&u_sclid=a1073bb9-a2a0-4dcf-a586-c2d2be7208d7
Frame ID: 52724FC8CF14162E3DB6637958E639EE
Requests: 1 HTTP requests in this frame
Frame:
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_gid=CAESEHb9sX97vlfEPpz9KuRFMNA&google_cver=1&google_ula=913071,0
Frame ID: C597B6D38086F5A41E0E921E3896EC0A
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Page Not FoundPage URL History Show full URLs
-
http://www.getty.edu//art//provenance//
HTTP 307
https://www.getty.edu//art//provenance// HTTP 302
https://www.getty.edu/museum/research/provenance/ Page URL
Detected technologies
Nuxt.js (JavaScript Frameworks) ExpandDetected patterns
- /_nuxt/
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag (Analytics) Expand
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
PubMatic (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: Getty Store
Search URL Search Domain Scan URL
Title: Talks & Videos
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: 1200 Getty Center Drive, Los Angeles, CA 90049
Search URL Search Domain Scan URL
Title: 17985 Pacific Coast Highway, Pacific Palisades, CA 90272
Search URL Search Domain Scan URL
Title: Research Collections
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: E-Newsletters
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.getty.edu//art//provenance//
HTTP 307
https://www.getty.edu//art//provenance// HTTP 302
https://www.getty.edu/museum/research/provenance/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3721860&time=1722392586890&li_adsId=66c8a7e2-8213-4788-96bd-6397fca14676&url=https%3A%2F%2Fwww.getty.edu%2Fmuseum%2Fresearch%2Fprovenance%2F&e_ipv6=AQJKdZ40HU042wAAAZEGmSr0u-ZBL9hlA7U90DgqBhQ0_MR6ra6FI_3ZwTehQcmHNjUriemj
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_cm&google_hm=ay1qU1ljTDRKT2VkZ3RjeE1mb2hvRjlIalRLcC1iMXJKTkJPMTY5Zw HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_cm=&google_hm=ay1qU1ljTDRKT2VkZ3RjeE1mb2hvRjlIalRLcC1iMXJKTkJPMTY5Zw&google_tc= HTTP 302
- https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&google_gid=CAESEHb9sX97vlfEPpz9KuRFMNA&google_cver=1&google_ula=913071,0
- https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qN_D4oJOedgtcxMfohoF9HjTKp-rdEldzxZliQ&expires=30
- https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
- https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1264143055003058
- https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&custom=&tag_format=img&tag_action=sync&custom=&cb=929c6696-c6a3-472d-9c50-9fbec3f751ee HTTP 302
- https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jSYcL4JOedgtcxMfohoF9HjTKp-b1rJNBO169g&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=929c6696-c6a3-472d-9c50-9fbec3f751ee&final=true&reqid=d3083d50-4ee3-11ef-9f03-874a96255290×tamp=2024-07-31T02%3A23%3A07.685Z HTTP 302
- https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
- https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1264143055003058&tag_format=img&tag_action=sync HTTP 302
- https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
- https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=7f17c75ab1195c614613c8eb2b66509b&tag_format=img&tag_action=sync&cb=47529185 HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
- https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=ee95b132-a258-4cba-8448-6ee34dde72da&tag_format=img&tag_action=sync&cb= HTTP 302
- https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=d30dbb90-4ee3-11ef-8370-4199bcf8bc0d&cb=1722392588155&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1722392588155 HTTP 302
- https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=a3c45797-c821-478f-8475-2f581ecf35d1&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1722392588155 HTTP 302
- https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
- https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=d372bef0-4ee3-11ef-852c-b3948ba04f6d
- https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
- https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=-JcSESBlKWIm8SVXrAUkkTns_y6dXPzC
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow HTTP 302
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g2vwEIJOedgtcxMfohoF9HjTKp-1l0n88nH4ow&C=1
- https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw HTTP 302
- https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-T-i2PYJOedgtcxMfohoF9HjTKp_OWo0xvby_Cw
- https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-HQyfvIJOedgtcxMfohoF9HjTKp_sNaOrlL43dQ HTTP 303
- https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-HQyfvIJOedgtcxMfohoF9HjTKp_sNaOrlL43dQ&_li_chk=true&previous_uuid=860f1ca8fae845e6a567468208e923af HTTP 303
- https://x.bidswitch.net/sync?ssp=liveintent&user_id=860f1ca8-fae8-45e6-a567-468208e923af HTTP 302
- https://match.deepintent.com/usersync/129/store?id=&ext1=liveintent&ext2=b28fc182-2c65-4a20-98b3-39641a9ead1e HTTP 303
- https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_3393708cfff6464b89058&ssp=liveintent&bsw_param=b28fc182-2c65-4a20-98b3-39641a9ead1e HTTP 302
- https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e HTTP 303
- https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b28fc182-2c65-4a20-98b3-39641a9ead1e
- https://eb2.3lift.com/xuid?mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-RJlKtoJOedgtcxMfohoF9HjTKp_FgWSW52BFdA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
- https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-4RcxDIJOedgtcxMfohoF9HjTKp9mW91Pzl7r4Q HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OGIxMWI4MGUtYTgyZS0zMDM1LThmMmMtZWY3NTYyMjJlNjhh&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
- https://cdn.aralego.net/img/1x1.png
- https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
- https://dpm.demdex.net/ibs:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=0HhlcVG4mq8J4AKnF3S5RF4fbV5M4Keu
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.getty.edu/museum/research/provenance/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.cb36e77.modern.js
www.getty.edu/_nuxt/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.873700d.modern.js
www.getty.edu/_nuxt/commons/ |
330 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.0b9fa31.modern.js
www.getty.edu/_nuxt/vendors/ |
6 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.a12aee3.modern.js
www.getty.edu/_nuxt/ |
318 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
993 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cdn.contentstack.io/v3/content_types/search_top_card/entries/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
36 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
320 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cdn.contentstack.io/v3/content_types/search_top_card/entries/ |
92 KB 19 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d943d6ab-dfc4-4f3c-ae8e-065b3db6a0d7
https://www.getty.edu/ |
31 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/250a2ff7/www-widgetapi.vflset/ |
31 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cdn.contentstack.io/v3/content_types/getty_location/entries/ |
6 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cdn.contentstack.io/v3/content_types/getty_location/entries/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
329 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scevent.min.js
sc-static.net/ |
49 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
224 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
50 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cdn.contentstack.io/v3/content_types/page_404/entries/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cdn.contentstack.io/v3/content_types/page_404/entries/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 KB 35 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
40 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.jpg
media.getty.edu/iiif/image/419d4e47-23e5-4031-92cf-b196f5590113/square/200,/0/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attribution_trigger
px.ads.linkedin.com/ |
2 B 817 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 267 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 376 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 391 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
available
archive.org/wayback/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame AF8F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a9f70486-5d3e-4485-9a38-813ba8b0868b.json
tr.snapchat.com/config/edu/ |
100 B 398 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
tr.snapchat.com/cm/ Frame 5272 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
tr.snapchat.com/ |
68 B 458 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
174834703226630
connect.facebook.net/signals/config/ |
73 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 244 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.ca/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
sslwidget.criteo.com/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
px.ads.linkedin.com/wa/ |
0 195 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr6.snapchat.com/ |
0 48 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr.snapchat.com/ |
0 89 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C597 Redirect Chain
|
43 B 370 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Frame C597 Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C597 Redirect Chain
|
43 B 370 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
partner.mediawallahscript.com/ Frame C597 Redirect Chain
|
0 406 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
rtb-csync.smartadserver.com/redir/ Frame C597 |
43 B 688 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C597 |
0 375 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Frame C597 |
49 B 342 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
tags.bluekai.com/site/29001/ Frame C597 Redirect Chain
|
62 B 583 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
r.casalemedia.com/ Frame C597 Redirect Chain
|
43 B 723 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user-registering
ads.stickyadstv.com/ Frame C597 |
43 B 664 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match
ad.360yield.com/ul_cb/ Frame C597 Redirect Chain
|
43 B 446 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
52164
i6.liadm.com/s/ Frame C597 Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cksync.php
contextual.media.net/ Frame C597 |
60 B 815 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
push
exchange.mediavine.com/usersync/ Frame C597 |
0 968 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.bing.com/ Frame C597 |
42 B 689 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1017
jadserve.postrelease.com/suid/ Frame C597 |
43 B 535 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Frame C597 |
0 360 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
simage2.pubmatic.com/AdServer/ Frame C597 |
42 B 581 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pixel_sync
trends.revcontent.com/cm/ Frame C597 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame C597 |
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
match.sharethrough.com/sync/ Frame C597 |
68 B 301 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
s.ad.smaato.net/c/ Frame C597 |
0 381 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
um
criteo-sync.teads.tv/ Frame C597 |
23 B 278 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
criteo-partners.tremorhub.com/ Frame C597 |
43 B 399 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync.htm
ade.clmbtech.com/uid/ Frame C597 |
68 B 259 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xuid
eb2.3lift.com/ Frame C597 Redirect Chain
|
37 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1x1.png
cdn.aralego.net/img/ Frame C597 Redirect Chain
|
68 B 599 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
sync-criteo.ads.yieldmo.com/ Frame C597 |
43 B 621 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
www.getty.edu/ |
7 KB 8 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
ib.adnxs.com/ Frame C597 |
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
demconf.jpg
dpm.demdex.net/ Frame C597 Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- archive.org
- URL
- https://archive.org/wayback/available?url=https:/www.getty.edu/museum/research/provenance/
- Domain
- trends.revcontent.com
- URL
- https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ISJOOIJOedgtcxMfohoF9HjTKp-y_vpsWkQlfg
Verdicts & Comments Add Verdict or Comment
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 number| _gtm_init object| _gtm_ids function| _gtm_inject object| __NUXT__ object| webpackJsonp function| setImmediate function| clearImmediate object| vttjs function| WebVTT object| __vueuse_ssr_handlers__ object| onNuxtReadyCbs function| onNuxtReady object| regeneratorRuntime function| __NUXT_JSONP__ object| __NUXT_JSONP_CACHE__ function| __NUXT_IMPORT__ object| dataLayer object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| $nuxt object| google_tag_manager object| google_tag_data function| twq function| snaptr string| _linkedin_data_partner_id function| fbq function| _fbq string| deviceType object| criteo_q object| Criteo function| lintrk boolean| _already_called_lintrk object| twttr object| _scPxHelper object| _scPxTeller object| gaGlobal object| ORIBILI95 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | Name: X-AB Value: fdcf6e462b6e488abffd4929ae370321 |
|
i.liadm.com/s | Name: _li_ss Value: ChIKBQgMEM0YCgkI_____wcQzRg |
|
i6.liadm.com/s | Name: _li_ss Value: CgA |
|
.youtube.com/ | Name: YSC Value: v0bXuke9qII |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: BtmWAdSXTvw |
|
.youtube.com/ | Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgXg%3D%3D |
|
www.getty.edu/ | Name: i18n_redirected Value: en |
|
.getty.edu/ | Name: _gcl_au Value: 1.1.523184782.1722392587 |
|
.getty.edu/ | Name: _scid Value: 8b9f5ae4-095f-41ae-9b76-ce4a5ffc17c1 |
|
.getty.edu/ | Name: _scid_r Value: 8b9f5ae4-095f-41ae-9b76-ce4a5ffc17c1 |
|
.getty.edu/ | Name: _ga Value: GA1.1.1327147574.1722392587 |
|
.criteo.com/ | Name: uid Value: ebc50f73-0080-472e-917e-8e4c46c07723 |
|
.criteo.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.getty.edu/ | Name: _fbp Value: fb.1.1722392587031.495294939661967978 |
|
.linkedin.com/ | Name: bcookie Value: "v=2&3c05c728-1b48-4376-8e49-cc61b4feb76c" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE3MjIzOTI1ODY7MjswMjETiTYySRUfr8koJ7VlxDN9eznYYa8UIOoMK2OpaLNwng== |
|
.linkedin.com/ | Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2889:u=1:x=1:i=1722392586:t=1722478986:v=2:sig=AQFnlW0ufYLeK3CL79rfV6thRSz2yZ5D" |
|
.t.co/ | Name: muc_ads Value: 2e478482-0e32-4db8-9c63-c591a6de67a5 |
|
.twitter.com/ | Name: personalization_id Value: "v1_7H7QSr080hUEUGow/zHRsw==" |
|
.getty.edu/ | Name: _ScCbts Value: %5B%5D |
|
.getty.edu/ | Name: cto_bundle Value: V6UxJF80UU5kSVQzSCUyRk51QlVLJTJCSE1EOFV3MUl3MXNrVEZRZUluWldRUWdQTlJYakxDUDMzajAxdTElMkJMVHRkNWl5NzhEN2tlaDRoMmZHRTVhZ0wlMkZxSGh5SFBGYkE1cVJxdTdOemd2MG9wVyUyRkMlMkJ6VUNwM05nd1BJalhqb3ZLYUl3c0dUT0xjWVlZTWpvbUZnQ0g1WGNqSiUyRkFVQSUzRCUzRA |
|
.snapchat.com/ | Name: sc_at Value: v2|H4sIAAAAAAAAAE3GyQ3AMAgEwIqQYDmdbowVqnDx+WZe43KygCLjDLIQUO9uekPLsQbDesX4kQR0wSvvr/wBGMx2IkAAAAA= |
|
.tapad.com/ | Name: TapAd_TS Value: 1722392587350 |
|
.tapad.com/ | Name: TapAd_DID Value: 4f4eecc9-349c-498a-8b78-cfc0fb4d7a69 |
|
.tapad.com/ | Name: TapAd_3WAY_SYNCS Value: |
|
.getty.edu/ | Name: _sctr Value: 1%7C1722322800000 |
|
.getty.edu/ | Name: _ga_2R5HXNY7WQ Value: GS1.1.1722392586.1.1.1722392587.59.0.703576841 |
|
.casalemedia.com/ | Name: CMID Value: ZqmgC9HM6NIAABPyAHh4HwAA |
|
.casalemedia.com/ | Name: CMPS Value: 3458 |
|
.casalemedia.com/ | Name: CMPRO Value: 3458 |
|
.adnxs.com/ | Name: XANDR_PANID Value: DfLz-HhKdksw80yM8i5bt_4QIHrHCbeW9sa1vtfBZOYTWK7tVWfRwwjj-3eTe5Skv8h6ByjK0ZrLXTXLKGRc7wskiTG7_2mMsrwKH3uOfIg. |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: uuid2 Value: 1264143055003058 |
|
.taboola.com/ | Name: t_gid Value: d710b3a4-6148-43de-8589-100b679025de-tuctda3258b |
|
.taboola.com/ | Name: t_pt_gid Value: d710b3a4-6148-43de-8589-100b679025de-tuctda3258b |
|
.ads.stickyadstv.com/ | Name: UID Value: cb4c67beee41bb4d5de3a46bf08643b6 |
|
.ads.stickyadstv.com/ | Name: uid-bp-11554 Value: k-jgiuEoJOedgtcxMfohoF9HjTKp8KyEa4Ot0JzA |
|
.mediawallahscript.com/ | Name: mCookie Value: d30dbb90-4ee3-11ef-8370-4199bcf8bc0d |
|
.mediawallahscript.com/ | Name: mUserCookie Value: %7B%7D |
|
.omnitagjs.com/ | Name: ayl_visitor Value: 231f3f6aa705063ec9331510f7664ef9 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmz9oCUOfB09OQcn3dvp4sGH5V0ALFZm3_Np_YVzMAzHyhoLaGP6MzzEoY45vg |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C%>nXw)=!@wnfH1YdP.dEXlSkdnTUAxX9ntUk%T%]?ZnPC1-SrhtLSZUpbCq?haSb*H.o(%o61.!FQknG!?P(hw9P-HC_#txT^+`LIH |
|
.bidswitch.net/ | Name: tuuid Value: b28fc182-2c65-4a20-98b3-39641a9ead1e |
|
.bidswitch.net/ | Name: c Value: 1722392587 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1722392587 |
|
exchange.mediavine.com/ | Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22d31e8470-4ee3-11ef-87f5-ff16455d8da1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D |
|
exchange.mediavine.com/ | Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22d31e8470-4ee3-11ef-87f5-ff16455d8da1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D |
|
exchange.mediavine.com/ | Name: am_tokens Value: %7B%22mv_uuid%22%3A%22d31e8470-4ee3-11ef-87f5-ff16455d8da1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D |
|
exchange.mediavine.com/ | Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22d31e8470-4ee3-11ef-87f5-ff16455d8da1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D |
|
exchange.mediavine.com/ | Name: criteo Value: %7B%22id%22%3A%22k-4MAWR4JOedgtcxMfohoF9HjTKp9ww_DHDwzWuQ%22%2C%22version%22%3A%22criteo%22%7D |
|
.smartadserver.com/ | Name: pid Value: 7341865968832032707 |
|
.smartadserver.com/ | Name: TestIfCookieP Value: ok |
|
.smartadserver.com/ | Name: csync Value: 79:k-TfwSoIJOedgtcxMfohoF9HjTKp-JspAwqXXkjg |
|
.bluekai.com/ | Name: bkdc Value: phx |
|
.bluekai.com/ | Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1L5UNuQ8teUqvXxflpnD/eGLGzQpBpQfJvTbFBWrJYvC0OQeOSCRg |
|
.bluekai.com/ | Name: bku Value: uUW999rQ3VqcPi/r |
|
.360yield.com/ | Name: tuuid Value: a6d5d2df-25be-4013-8b50-af7e1275ec29 |
|
.360yield.com/ | Name: tuuid_lu Value: 1722392587 |
|
.bing.com/ | Name: MUID Value: 2397695B4589612A21C77D96445F60C8 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.criteo.com/ | Name: cto_bundle Value: IX3BaV9CRTFRa2ZMT2xVNGtUeVczTzFLZGVhcFA5UXlZWWVkSEIlMkIlMkYzU3hxaGExJTJCQndUQVVwd3Frakx1U2swOXlTR04lMkY |
|
.postrelease.com/ | Name: visitor Value: 337a0757-6d2a-4f86-9d56-1a00314fc8fd |
|
.postrelease.com/ | Name: status Value: 0 |
|
.media.net/ | Name: visitor-id Value: 3653941871978369000V10 |
|
.media.net/ | Name: data-c-ts Value: 1722392587 |
|
.media.net/ | Name: data-c Value: k-6ni11YJOedgtcxMfohoF9HjTKp-7DYitfDxzeA~~3 |
|
.360yield.com/ | Name: um Value: !38,rFR5tsD8T0GTZYV5H0SvD.UBLC1GjfPLQ2essy1P9M8zwSXHV-Gl0WhyCcRAqcQOsJdMsYea,1730168587 |
|
.360yield.com/ | Name: umeh Value: !38,0,1784600587,-1 |
|
.crwdcntrl.net/ | Name: _cc_dc Value: 0 |
|
.crwdcntrl.net/ | Name: _cc_id Value: 7f17c75ab1195c614613c8eb2b66509b |
|
.pubmatic.com/ | Name: KRTBCOOKIE_97 Value: 3385-uid:k-zaZPxIJOedgtcxMfohoF9HjTKp95WTnYCHFRWg&KRTB&23037-uid:k-zaZPxIJOedgtcxMfohoF9HjTKp95WTnYCHFRWg&KRTB&23144-uid:k-zaZPxIJOedgtcxMfohoF9HjTKp95WTnYCHFRWg&KRTB&23286-uid:k-zaZPxIJOedgtcxMfohoF9HjTKp95WTnYCHFRWg |
|
.pubmatic.com/ | Name: PugT Value: 1722392587 |
|
.liadm.com/ | Name: lidid Value: 860f1ca8-fae8-45e6-a567-468208e923af |
|
.rubiconproject.com/ | Name: audit_p Value: 1|HZBWBnUpesm9hSWrkFNIb5I9eDDUDfzAjUnJK7K+CMQ3Sds8s51Nz/xfVcc4ZnStjUqQ+0wa49SM1KxoLazIt+aleybw1oy9Ba0etFFpiE2M1ngv/GAO+Sx5bi6Lbcf1EV5orkaPqipOBgdeDOSsfnAGtDO7YELw7ethr1ntzV3mQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg= |
|
.rubiconproject.com/ | Name: khaos Value: LZ982QJG-J-53N6 |
|
.rubiconproject.com/ | Name: khaos_p Value: LZ982QJG-J-53N6 |
|
.rubiconproject.com/ | Name: audit Value: 1|HZBWBnUpesm9hSWrkFNIb5I9eDDUDfzAjUnJK7K+CMQ3Sds8s51Nz/xfVcc4ZnStjUqQ+0wa49SM1KxoLazIt+aleybw1oy9Ba0etFFpiE2M1ngv/GAO+Sx5bi6Lbcf1EV5orkaPqipOBgdeDOSsfnAGtDO7YELw7ethr1ntzV3mQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg= |
|
.rubiconproject.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.smaato.net/ | Name: SCM Value: 1c1d0506e0 |
|
.smaato.net/ | Name: SCM1001851 Value: 1c1d0506e0 |
|
.demdex.net/ | Name: demdex Value: 88771417075020760633436149058985229967 |
|
.teads.tv/ | Name: tt_viewer Value: 62c29475-df84-4b14-a109-3125d961149c |
|
.3lift.com/ | Name: tluidp Value: 1042460910541532717095 |
|
.3lift.com/ | Name: tluid Value: 1042460910541532717095 |
|
.dpm.demdex.net/ | Name: dpm Value: 88771417075020760633436149058985229967 |
|
.adsrvr.org/ | Name: TDID Value: ee95b132-a258-4cba-8448-6ee34dde72da |
|
.tremorhub.com/ | Name: tvid Value: 0599f306e3e44027b5e868e7a40d8135 |
|
.tremorhub.com/ | Name: tv_UICR Value: k-SNty9YJOedgtcxMfohoF9HjTKp_rO_CHmyG1zA |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwi2t6SpzsSYPRAFOAE. |
|
.deepintent.com/ | Name: CDIUSER Value: di_3393708cfff6464b89058 |
|
.aralego.com/ | Name: sspid Value: 8b11b80e-a82e-3035-8f2c-ef756222e68a |
|
.yieldmo.com/ | Name: yieldmo_id Value: VaDkcNUE4kURsyyV4ISH%7C1722384000000%7C0 |
|
.ads.yieldmo.com/ | Name: ptrcriteo Value: k-1WDa74JOedgtcxMfohoF9HjTKp-ZqhcEKm9ZKw |
|
.rqtrk.eu/ | Name: browser_id Value: 1:a3c45797-c821-478f-8475-2f581ecf35d1 |
|
.mediawallahscript.com/ | Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_07_2024 Value: %7B%221pVtae%22%3A1%7D |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.360yield.com
ade.clmbtech.com
ads.stickyadstv.com
analytics.google.com
analytics.twitter.com
archive.org
c.bing.com
cdn.aralego.net
cdn.contentstack.io
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
jadserve.postrelease.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
media.getty.edu
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
partner.mediawallahscript.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
sc-static.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.aralego.com
sync.crwdcntrl.net
sync.outbrain.com
t.co
tags.bluekai.com
tr.snapchat.com
tr6.snapchat.com
trends.revcontent.com
visitor.omnitagjs.com
ws.rqtrk.eu
www.facebook.com
www.getty.edu
www.google.ca
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
archive.org
trends.revcontent.com
104.18.36.155
104.244.42.195
107.23.203.136
108.139.47.8
13.107.42.14
141.226.124.48
142.251.179.94
146.75.28.157
15.197.193.217
151.101.2.137
172.67.71.254
192.96.203.13
195.244.31.10
209.85.144.157
23.105.12.120
23.210.0.209
23.222.197.151
23.48.8.28
2600:1408:ec00:13::1730:6833
2600:1408:ec00:1e::1735:23ea
2600:1f18:612b:4232:5012:c2ca:70d1:c09
2600:1f18:ed:550a:85cb:ead1:1860:f306
2600:9000:2209:ac00:1b:5138:8a40:93a1
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1d::5d
2607:f8b0:400d:c04::9b
2607:f8b0:400d:c09::66
2620:100:a00b::12
2620:100:a00b::a
2620:1ec:21::14
2620:1ec:c11::237
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.162.125.105
3.163.245.4
3.85.165.15
34.192.193.130
34.193.146.118
34.207.3.5
35.190.43.134
35.211.178.172
38.91.45.7
44.208.93.210
51.222.241.106
52.20.195.43
52.223.22.214
52.23.65.135
54.197.96.154
54.243.111.131
63.251.28.230
68.67.179.87
69.173.151.100
70.42.32.159
72.21.81.130
74.119.117.16
8.28.7.83
042965d1313e67a0d00c23b89d896deba612c596b470546323964a6d13b31207
0a1e7c0eaf59d6f3eba201c7ce0f90706c13840b2b121c7d6f15fd48b8f2ebdc
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b46958f252606d2a4ffc93ff7c924f9e070c0c04367259adac0ca0f6cbc0da8
0cefa819ab4bb08956d2938691bb1a8cbf9fca82ed66f7c306eec22cd7f5cdcc
0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3
2a5c559082488e25e40238d379d467dd0368eb3f048898681e315dfd19178434
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa974fe82857a032e2f7b90fca178f490014c08b4044c0355e7815e6a574bf8
52de9720410a5454c5dfbd0d158bc1811e0ab2ec7592b51eb77d8131e9887893
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66f8c8cfedbd1475548a9896c3535b5645b339b31c202b4a7726159c8258a92a
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
81908d6be8c896ade8cde0231745872f29079521fab7b286c740afd039112ac5
8330ed1979996869b3a4bd58faf70627e4f13f2a251d525fe1ff3a63009c6709
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a35df7f09e4a7aa5a0818a5d69b98cad6fa1b7ce46a680506c475d58a41ea8d5
a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b12d391a849d43216af880e614ac4a9c7764c4e5acfef809c5e61effb15619cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b47789eb813ba17bd0747ddd22221f1209486ed95ef2b11b4d786c5f76c368
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c52fc49981ed06911b4cf3765c39e8bc616d7f4de380099c6cc2c905f2d2ff69
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
cd49758f91b7c8eec6a506274a744122db49750cb84284526e00ec7b43289c78
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
db97617cfeec43090f1c12956d24b1087bcbc426b073eac71f6034fc599af334
dc242f2acb69deaa2c17cce616c89430cd666771b2e8303465bbfdc340d39663
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88cd5b705c6c66f97553fcc959e9c73f7ecf55eb5151c9e9e78c16807368040
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eb4fd272bed59cc56743956d52112c95183811e53b9494a23223e250c13c0553
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6364a7b55b6e43e9c8d10fb847b3bf3bc6aaded2c3cd27126425eb373b3a845