urlscan.io logo urlscan.io
SecurityTrails logo

www.theguardian.com Open in urlscan Pro
2a04:4e42:600::367  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Submission: On December 14 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 13 countries across 148 domains to perform 595 HTTP transactions. The main IP is 2a04:4e42:600::367, located in United States and belongs to FASTLY, US. The main domain is www.theguardian.com. The Cisco Umbrella rank of the primary domain is 14350.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 14th 2023. Valid for: a year.
This is the only time www.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 2a04:4e42:600... 54113 (FASTLY)
21 2a04:4e42:200... 54113 (FASTLY)
14 52.19.137.36 16509 (AMAZON-02)
2 2607:f8b0:402... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 3.162.1.135 16509 (AMAZON-02)
2 4 3.162.3.51 16509 (AMAZON-02)
1 23.56.163.154 16625 (AKAMAI-AS)
1 146.75.36.157 54113 (FASTLY)
13 2607:f8b0:402... 15169 (GOOGLE)
19 25 172.217.13.194 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.162.3.119 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.51.57.155 16625 (AKAMAI-AS)
2 104.244.42.69 13414 (TWITTER)
2 104.244.42.67 13414 (TWITTER)
1 54.192.51.46 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.9.51 396982 (GOOGLE-CL...)
17 20 68.67.160.114 29990 (ASN-APPNEX)
1 2607:f8b0:402... 15169 (GOOGLE)
3 2607:f8b0:402... 15169 (GOOGLE)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 20.40.202.2 8075 (MICROSOFT...)
14 18.207.78.168 14618 (AMAZON-AES)
1 172.253.115.156 15169 (GOOGLE)
3 13.33.17.200 16509 (AMAZON-02)
3 69.166.1.64 27630 (AS-XFERNET)
3 104.36.115.111 62713 (AS-PUBMATIC)
3 35.211.81.111 15169 (GOOGLE)
3 2620:100:a001... 19750 (AS-CRITEO)
3 52.0.187.21 14618 (AMAZON-AES)
5 22 172.64.151.101 13335 (CLOUDFLAR...)
38 172.64.144.78 13335 (CLOUDFLAR...)
3 107.20.138.145 14618 (AMAZON-AES)
25 52.14.231.222 16509 (AMAZON-02)
5 2607:f8b0:402... 15169 (GOOGLE)
2 19 52.46.128.147 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
6 51.222.39.185 16276 (OVH)
5 23.220.109.13 16625 (AKAMAI-AS)
3 12 2607:f350:3:2... 27630 (AS-XFERNET)
5 16 34.98.64.218 396982 (GOOGLE-CL...)
2 2 23.105.12.143 30633 (LEASEWEB-...)
2 3 63.251.86.51 10913 (INTERNAP-BLK)
1 7 63.251.114.137 32475 (SINGLEHOP...)
21 34.197.219.74 14618 (AMAZON-AES)
5 14 35.71.139.29 16509 (AMAZON-02)
3 2607:f8b0:402... 15169 (GOOGLE)
19 20 35.211.178.172 15169 (GOOGLE)
16 16 15.197.193.217 16509 (AMAZON-02)
3 3 199.38.167.131 54312 (ROCKETFUEL)
6 6 198.148.27.131 19189 (PULSEPOINT)
5 5 54.166.150.36 14618 (AMAZON-AES)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2620:112:f002... 6336 (TURN-US-ASN)
2 3 3.92.120.184 14618 (AMAZON-AES)
1 3.162.3.89 16509 (AMAZON-02)
9 14 34.111.113.62 396982 (GOOGLE-CL...)
5 9 35.244.154.8 396982 (GOOGLE-CL...)
1 2 107.178.254.65 15169 (GOOGLE)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
9 10 8.28.7.82 62713 (AS-PUBMATIC)
9 30 8.28.7.83 62713 (AS-PUBMATIC)
3 4 44.216.234.174 14618 (AMAZON-AES)
16 16 69.194.240.13 26120 (RHYTHMONE)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
1 3 23.56.162.28 16625 (AKAMAI-AS)
2 3 37.157.4.28 198622 (ADFORM)
2 3 63.251.28.233 13789 (INTERNAP-...)
12 12 67.202.105.23 32748 (STEADFAST)
3 4 23.105.12.170 30633 (LEASEWEB-...)
4 5 35.214.138.188 15169 (GOOGLE)
3 4 34.205.215.181 14618 (AMAZON-AES)
6 7 107.21.52.231 14618 (AMAZON-AES)
2 2 3.162.3.74 16509 (AMAZON-02)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
6 7 3.225.218.10 14618 (AMAZON-AES)
3 7 2600:1f18:4e9... 14618 (AMAZON-AES)
5 5 23.1.200.83 16625 (AKAMAI-AS)
10 23.56.163.106 16625 (AKAMAI-AS)
2 2 35.211.118.13 15169 (GOOGLE)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 82.145.213.8 39832 (NO-OPERA)
2 2 35.169.93.15 14618 (AMAZON-AES)
3 3 69.90.254.78 13768 (COGECO-PEER1)
4 151.101.65.111 54113 (FASTLY)
5 104.36.115.113 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
3 3 35.194.66.159 396982 (GOOGLE-CL...)
5 162.248.18.34 62713 (AS-PUBMATIC)
9 14 8.43.72.98 26667 (RUBICONPR...)
2 36 172.64.146.152 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
28 57 8.43.72.97 26667 (RUBICONPR...)
1 67.220.228.201 16509 (AMAZON-02)
11 11 52.86.134.182 14618 (AMAZON-AES)
2 3 147.28.129.37 54825 (PACKET)
4 4 54.157.57.36 14618 (AMAZON-AES)
1 1 2600:9000:21a... 16509 (AMAZON-02)
1 2 2600:9000:21a... 16509 (AMAZON-02)
1 13.225.195.23 16509 (AMAZON-02)
1 104.117.182.209 20940 (AKAMAI-ASN1)
2 2620:100:a001::4 19750 (AS-CRITEO)
4 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 3.162.3.37 16509 (AMAZON-02)
1 23.220.110.24 16625 (AKAMAI-AS)
1 34.95.113.183 396982 (GOOGLE-CL...)
1 199.250.162.129 26459 (TTD-ASN-01)
1 72.44.36.234 14618 (AMAZON-AES)
2 2600:1f18:1ac... 14618 (AMAZON-AES)
7 2607:f8b0:402... 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 34.117.228.201 396982 (GOOGLE-CL...)
1 74.119.119.139 19750 (AS-CRITEO)
1 3 67.202.105.34 32748 (STEADFAST)
2 3 35.186.193.173 15169 (GOOGLE)
7 7 207.198.113.86 13768 (COGECO-PEER1)
2 5 54.209.94.68 14618 (AMAZON-AES)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 3.162.3.33 16509 (AMAZON-02)
2 2 52.22.12.118 14618 (AMAZON-AES)
1 1 165.227.251.217 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.41.104 13335 (CLOUDFLAR...)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 2 52.72.183.95 14618 (AMAZON-AES)
4 4 74.119.119.150 19750 (AS-CRITEO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.239.225.14 ()
1 1 104.22.69.131 13335 (CLOUDFLAR...)
5 5 50.31.142.63 23352 (SERVERCEN...)
2 2 45.137.176.88 60350 (VP)
1 1 23.108.103.8 59253 (LEASEWEB-...)
2 2 96.46.186.59 7979 (SERVERS-COM)
1 1 35.173.52.203 14618 (AMAZON-AES)
2 2 192.132.33.68 18568 (BIDTELLECT)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
4 8 135.148.2.56 16276 (OVH)
1 2 38.91.45.7 398989 (DEEPINTENT)
3 4 151.101.130.49 54113 (FASTLY)
4 4 2620:116:800b... 14618 (AMAZON-AES)
2 2 134.122.57.34 14061 (DIGITALOC...)
1 2 44.197.22.251 14618 (AMAZON-AES)
1 3 44.198.25.64 14618 (AMAZON-AES)
1 52.72.18.3 14618 (AMAZON-AES)
5 5 2606:ae80:147... 25751 (VALUECLICK)
10 10 185.167.164.39 198622 (ADFORM)
1 2 38.68.201.140 174 (COGENT-174)
1 2 52.21.58.192 14618 (AMAZON-AES)
7 34.117.239.71 396982 (GOOGLE-CL...)
1 1 213.19.162.80 3356 (LEVEL3)
1 15.235.42.104 16276 (OVH)
2 3 35.227.252.103 15169 (GOOGLE)
1 34.149.50.64 15169 (GOOGLE)
2 2 216.200.232.249 30419 (MEDIAMATH...)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 70.42.32.127 13789 (INTERNAP-...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 3.230.74.156 14618 (AMAZON-AES)
1 52.206.176.4 14618 (AMAZON-AES)
3 3 173.231.178.77 32475 (SINGLEHOP...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 96.46.186.182 7979 (SERVERS-COM)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 3.162.3.25 16509 (AMAZON-02)
1 1 38.98.69.175 174 (COGENT-174)
1 159.89.246.130 14061 (DIGITALOC...)
1 2606:ae80:147... 25751 (VALUECLICK)
1 1 23.56.220.66 16625 (AKAMAI-AS)
2 3 44.199.51.202 14618 (AMAZON-AES)
1 1 213.227.153.220 60781 (LEASEWEB-...)
2 2 162.55.233.28 24940 (HETZNER-AS)
1 1 54.210.243.216 14618 (AMAZON-AES)
1 54.192.51.126 16509 (AMAZON-02)
1 1 34.202.194.6 14618 (AMAZON-AES)
1 1 52.1.92.31 14618 (AMAZON-AES)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 1 141.95.98.64 16276 (OVH)
1 1 198.24.170.28 19437 (SS-ASH)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
1 195.5.165.20 44968 (IPROM-AS)
1 23.88.86.2 24940 (HETZNER-AS)
2 2 184.86.146.172 16625 (AKAMAI-AS)
1 18.215.67.38 14618 (AMAZON-AES)
1 2 54.156.158.209 14618 (AMAZON-AES)
3 4 34.251.97.118 16509 (AMAZON-02)
1 1 185.167.164.43 198622 (ADFORM)
1 3.162.3.79 16509 (AMAZON-02)
1 2 50.57.31.206 19994 (RACKSPACE)
2 2 141.94.171.216 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
595 139
37    2a04:4e42:600::367 (United States)

ASN54113 (FASTLY, US)
www.theguardian.com
assets.guim.co.uk
i.guim.co.uk
sourcepoint.theguardian.com
21    2a04:4e42:200::367 (United States)

ASN54113 (FASTLY, US)
assets.guim.co.uk
sourcepoint.theguardian.com
contributions.guardianapis.com
14    52.19.137.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
ophan.theguardian.com
2    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    3.162.1.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-1-135.yul62.r.cloudfront.net
c.amazon-adsystem.com
4    3.162.3.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-51.yul62.r.cloudfront.net
sb.scorecardresearch.com
1    23.56.163.154 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-154.deploy.static.akamaitechnologies.com
a.teads.tv
1    146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
13    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
25    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
www.googleadservices.com
cm.g.doubleclick.net
2    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    3.162.3.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-119.yul62.r.cloudfront.net
cdn.adsafeprotected.com
2    2606:4700:20::ac43:4842 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
1    23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com
at.teads.tv
2    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    54.192.51.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-46.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
20    68.67.160.114 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
14    18.207.78.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-78-168.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
bid.g.doubleclick.net
3    13.33.17.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-17-200.atl58.r.cloudfront.net
aax.amazon-adsystem.com
3    69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    35.211.81.111 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 111.81.211.35.bc.googleusercontent.com
grid.bidswitch.net
3    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
3    52.0.187.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-187-21.compute-1.amazonaws.com
tlx.3lift.com
22    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
38    172.64.144.78 (United States)

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
3    107.20.138.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-138-145.compute-1.amazonaws.com
krk2.kargo.com
25    52.14.231.222 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-231-222.us-east-2.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
visitor-us-east-2.omnitagjs.com
5    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
pagead2.googlesyndication.com
19    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com
6    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
5    23.220.109.13 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-109-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    2607:f350:3:2569:0:10:0:200d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
16    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync-global.smartadserver.com
3    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
7    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
21    34.197.219.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-219-74.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
pbs-cs.yellowblue.io
14    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
20    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
16    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    54.166.150.36 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-150-36.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
3    3.92.120.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-184.compute-1.amazonaws.com
dpm.demdex.net
1    3.162.3.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-89.yul62.r.cloudfront.net
api.intentiq.com
14    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
9    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
10    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
30    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    44.216.234.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-234-174.compute-1.amazonaws.com
ads.yieldmo.com
16    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com
contextual.media.net
3    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
12    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    23.105.12.170 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
5    35.214.138.188 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 188.138.214.35.bc.googleusercontent.com
csync.loopme.me
4    34.205.215.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-215-181.compute-1.amazonaws.com
match.sharethrough.com
7    107.21.52.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-52-231.compute-1.amazonaws.com
i.liadm.com
2    3.162.3.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-74.yul62.r.cloudfront.net
live.rezync.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
7    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
7    2600:1f18:4e9:5a02:66d2:da85:8248:ed74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
5    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    35.169.93.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-93-15.compute-1.amazonaws.com
aorta.clickagy.com
3    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
4    151.101.65.111 (United States)

ASN54113 (FASTLY, US)
api.nextgen.guardianapps.co.uk
5    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
3    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
5    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
14    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
36    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
ins.connatix.com
lit.connatix.com
cks.connatix.com
2    2600:9000:215f:fc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
57    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
11    52.86.134.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-134-182.compute-1.amazonaws.com
match.prod.bidr.io
3    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    54.157.57.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-57-36.compute-1.amazonaws.com
sync.ipredictive.com
1    2600:9000:21a2:3800:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    2600:9000:21a2:f400:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    13.225.195.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-23.yul62.r.cloudfront.net
sync1.intentiq.com
1    104.117.182.209 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-209.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    2600:141b:1c00:f::172c:c9cc (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    3.162.3.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-37.yul62.r.cloudfront.net
choices.truste.com
1    23.220.110.24 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-110-24.deploy.static.akamaitechnologies.com
z.moatads.com
1    34.95.113.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.113.95.34.bc.googleusercontent.com
ox-rtb-us-east4.openx.net
1    199.250.162.129 (United States)

ASN26459 (TTD-ASN-01, US)
va6-bid.adsrvr.org
1    72.44.36.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-36-234.compute-1.amazonaws.com
protected-by.clarium.io
2    2600:1f18:1aca:4282:43b2:9ac0:b6a1:39c2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
7    2607:f8b0:4020:807::2006 (Montreal, Canada)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
cm.ctnsnet.com
ipac.ctnsnet.com
7    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    54.209.94.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-94-68.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
1    2600:1f18:612b:4232:d668:fd9c:9cad:2b9f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
1    3.162.3.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-33.yul62.r.cloudfront.net
tags.crwdcntrl.net
2    52.22.12.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-12-118.compute-1.amazonaws.com
vop.sundaysky.com
1    165.227.251.217 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
cds.connatix.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    52.72.183.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-183-95.compute-1.amazonaws.com
ads.creative-serving.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    18.239.225.14 (United States)

ASN- ()
PTR: server-18-239-225-14.mia3.r.cloudfront.net
api-2-0.spot.im
1    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
5    50.31.142.63 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    23.108.103.8 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
2    96.46.186.59 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    35.173.52.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-52-203.compute-1.amazonaws.com
jadserve.postrelease.com
2    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com
bttrack.com
1    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
8    135.148.2.56 (United States)

ASN16276 (OVH, FR)
PTR: ip56.ip-135-148-2.us
rtb-csync.smartadserver.com
sync.smartadserver.com
2    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    44.197.22.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-22-251.compute-1.amazonaws.com
thrtle.com
3    44.198.25.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-25-64.compute-1.amazonaws.com
crb.kargo.com
1    52.72.18.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-18-3.compute-1.amazonaws.com
sync.bfmio.com
5    2606:ae80:1471:1c::2010 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
rubicon-match.dotomi.com
prebid-match.dotomi.com
10    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    52.21.58.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-58-192.compute-1.amazonaws.com
rtb.adentifi.com
7    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
events-ssc.33across.com
1    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    15.235.42.104 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl
wt.rqtrk.eu
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
2    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2600:1f18:ed:550a:cd25:a651:9c8e:3acd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    3.230.74.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-74-156.compute-1.amazonaws.com
exchange.mediavine.com
1    52.206.176.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-176-4.compute-1.amazonaws.com
cs.minutemedia-prebid.com
3    173.231.178.77 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid-s2s.media.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    3.162.3.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-25.yul62.r.cloudfront.net
usr.undertone.com
1    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
rbp.mxptint.net
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    2606:ae80:1471:1c::2100 (United States)

ASN25751 (VALUECLICK, US)
match.sync.ad.cpe.dotomi.com
1    23.56.220.66 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-66.deploy.static.akamaitechnologies.com
hbx.media.net
3    44.199.51.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-51-202.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
2    162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de
sync.richaudience.com
1    54.210.243.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-243-216.compute-1.amazonaws.com
pm.w55c.net
1    54.192.51.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-126.yul62.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
1    34.202.194.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-194-6.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    52.1.92.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-92-31.compute-1.amazonaws.com
ad2.360yield.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    198.24.170.28 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com
gocm.c.appier.net
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
1    18.215.67.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-67-38.compute-1.amazonaws.com
bpi.rtactivate.com
2    54.156.158.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-158-209.compute-1.amazonaws.com
io.narrative.io
4    34.251.97.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-97-118.eu-west-1.compute.amazonaws.com
a.audrte.com
1    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    3.162.3.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-79.yul62.r.cloudfront.net
aa.agkn.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
Apex Domain
Subdomains		 Transfer
87 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
113 KB
58 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image8.pubmatic.com — Cisco Umbrella Rank: 661
image2.pubmatic.com — Cisco Umbrella Rank: 859
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image4.pubmatic.com — Cisco Umbrella Rank: 1224
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
63 KB
39 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
232 KB
39 guim.co.uk
assets.guim.co.uk — Cisco Umbrella Rank: 21134
i.guim.co.uk — Cisco Umbrella Rank: 16182
712 KB
38 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4765
76 KB
37 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3607
cds.connatix.com — Cisco Umbrella Rank: 3703
capi.connatix.com — Cisco Umbrella Rank: 1010
ins.connatix.com — Cisco Umbrella Rank: 4899
lit.connatix.com — Cisco Umbrella Rank: 5911
cks.connatix.com — Cisco Umbrella Rank: 5016
vid.connatix.com Failed
441 KB
28 theguardian.com
www.theguardian.com — Cisco Umbrella Rank: 14350
ophan.theguardian.com — Cisco Umbrella Rank: 18980
sourcepoint.theguardian.com — Cisco Umbrella Rank: 22046
186 KB
27 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
91 KB
25 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
visitor-us-east-2.omnitagjs.com — Cisco Umbrella Rank: 18800
12 KB
25 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
r.bidswitch.net — Cisco Umbrella Rank: 6292
11 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
15 KB
21 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453
cs.yellowblue.io — Cisco Umbrella Rank: 1547
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 5403
10 KB
20 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
ox-rtb-us-east4.openx.net — Cisco Umbrella Rank: 4863
rtb.openx.net — Cisco Umbrella Rank: 695
3 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
15 KB
19 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 904
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 4909
events-ssc.33across.com — Cisco Umbrella Rank: 1493
8 KB
19 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3936
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
134 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
va6-bid.adsrvr.org — Cisco Umbrella Rank: 2365
9 KB
17 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
8 KB
15 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
sync.go.sonobi.com — Cisco Umbrella Rank: 951
15 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
6 KB
14 adform.net
cm.adform.net — Cisco Umbrella Rank: 1211
c1.adform.net — Cisco Umbrella Rank: 560
dmp.adform.net — Cisco Umbrella Rank: 2870
7 KB
14 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
14 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6175
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
sync.smartadserver.com — Cisco Umbrella Rank: 1285
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
6 KB
11 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
6 KB
11 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
6 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
9 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
10 KB
10 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2932
api.permutive.com — Cisco Umbrella Rank: 2205
337 KB
9 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
id.rlcdn.com — Cisco Umbrella Rank: 711
1 KB
8 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
5 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
7 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
5 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
136 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
rubicon-match.dotomi.com — Cisco Umbrella Rank: 1918
match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1436
prebid-match.dotomi.com — Cisco Umbrella Rank: 1982
2 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 8167
3 KB
6 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
14 KB
6 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com — Cisco Umbrella Rank: 773
2 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
5 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
4 KB
6 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2719
crb.kargo.com — Cisco Umbrella Rank: 910
2 KB
5 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 489
rtb0.doubleverify.com — Cisco Umbrella Rank: 754
rtbc-ue1.doubleverify.com Failed
42 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
1 KB
5 media.net
contextual.media.net — Cisco Umbrella Rank: 665
cs.media.net Failed
prebid-s2s.media.net — Cisco Umbrella Rank: 2564
hbx.media.net — Cisco Umbrella Rank: 1215
3 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
2 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
5 guardianapis.com
contributions.guardianapis.com — Cisco Umbrella Rank: 21869
38 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2112
3 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1004 B
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
2 KB
4 guardianapps.co.uk
api.nextgen.guardianapps.co.uk — Cisco Umbrella Rank: 20968
715 B
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
1 KB
4 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
4 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1419
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
4 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
2 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4174
rbp.mxptint.net — Cisco Umbrella Rank: 2854
2 KB
3 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 5579
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
993 B
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1577
hde.tynt.com — Cisco Umbrella Rank: 4170
4 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
996 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2872
collector.brandmetrics.com — Cisco Umbrella Rank: 3177
21 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2888
mwzeom.zeotap.com — Cisco Umbrella Rank: 3215
878 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2916
819 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 3901
643 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1523
1 KB
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1727
714 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
418 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1289
684 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
675 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
696 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
2 KB
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4323
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
2 KB
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2302
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
csm.va.us.criteo.net Failed
63 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
123 KB
2 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
377 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
825 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
630 B
2 t.co
t.co — Cisco Umbrella Rank: 589
581 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
at.teads.tv — Cisco Umbrella Rank: 4890
4 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
159 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
655 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1491
109 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5650
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5215
279 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
436 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3279
608 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1442
683 B
1 360yield.com
ad2.360yield.com — Cisco Umbrella Rank: 11022
231 B
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2362
210 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2348
201 B
1 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
778 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2290
405 B
1 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 1822
296 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
478 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 1642
251 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777
326 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
186 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
287 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1747
440 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1499
350 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
425 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1781
3 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 936
598 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2137
581 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2705
673 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2669
456 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2045
418 B
1 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 10216
426 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1550
244 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
115 KB
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 890
8 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
650 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
555 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3298
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
475 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425 Failed
1 KB
1 prmutv.co
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co — Cisco Umbrella Rank: 39321
388 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
0 servenobid.com Failed
ads.servenobid.com — Cisco Umbrella Rank: 2371 Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 googleapis.com Failed
imasdk.googleapis.com Failed
0 jivox.com Failed
as.jivox.com Failed
0 iqzone.com Failed
xsync.iqzone.com Failed
595 148
Domain Requested by
57 pixel.rubiconproject.com 28 redirects cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
38 elb.the-ozone-project.com assets.guim.co.uk
www.theguardian.com
elb.the-ozone-project.com
ads.stickyadstv.com
onetag-sys.com
pbs-cs.yellowblue.io
ads.pubmatic.com
static.cloudflareinsights.com
36 assets.guim.co.uk www.theguardian.com
assets.guim.co.uk
24 cm.g.doubleclick.net 19 redirects u.openx.net
cs-server-s2s.yellowblue.io
eb2.3lift.com
ssbsync.smartadserver.com
21 simage2.pubmatic.com 5 redirects s.amazon-adsystem.com
ads.pubmatic.com
20 x.bidswitch.net 19 redirects elb.the-ozone-project.com
19 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
sync.go.sonobi.com
cs-server-s2s.yellowblue.io
ssum-sec.casalemedia.com
u.openx.net
ce.lijit.com
ads.pubmatic.com
17 cks.connatix.com www.theguardian.com
16 match.adsrvr.org 16 redirects
14 us-u.openx.net 4 redirects u.openx.net
ads.pubmatic.com
de.tynt.com
us-u.openx.net
14 pixel.tapad.com 9 redirects sync.go.sonobi.com
s.amazon-adsystem.com
us-u.openx.net
visitor.omnitagjs.com
www.theguardian.com
14 eb2.3lift.com 5 redirects s.amazon-adsystem.com
assets.guim.co.uk
eb2.3lift.com
14 pixel.adsafeprotected.com assets.guim.co.uk
www.theguardian.com
14 ophan.theguardian.com www.theguardian.com
13 token.rubiconproject.com 8 redirects eus.rubiconproject.com
visitor.omnitagjs.com
13 ib.adnxs.com 10 redirects assets.guim.co.uk
eb2.3lift.com
visitor.omnitagjs.com
13 sourcepoint.theguardian.com assets.guim.co.uk
sourcepoint.theguardian.com
12 visitor.omnitagjs.com assets.guim.co.uk
visitor.omnitagjs.com
ssbsync.smartadserver.com
12 ssc-cms.33across.com 12 redirects
12 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
cds.connatix.com
visitor.omnitagjs.com
12 sync.go.sonobi.com 3 redirects s.amazon-adsystem.com
sync.go.sonobi.com
11 visitor-us-east-2.omnitagjs.com visitor.omnitagjs.com
ads.pubmatic.com
de.tynt.com
11 match.prod.bidr.io 11 redirects
11 sync.1rx.io 11 redirects
11 securepubads.g.doubleclick.net assets.guim.co.uk
securepubads.g.doubleclick.net
www.theguardian.com
www.googletagservices.com
cds.connatix.com
10 c1.adform.net 10 redirects
10 capi.connatix.com 2 redirects cds.connatix.com
www.theguardian.com
cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
10 eus.rubiconproject.com cs-server-s2s.yellowblue.io
eus.rubiconproject.com
cds.connatix.com
visitor.omnitagjs.com
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
10 image8.pubmatic.com 9 redirects ads.pubmatic.com
9 image2.pubmatic.com 4 redirects s.amazon-adsystem.com
ads.pubmatic.com
8 cs.yellowblue.io cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
pbs-cs.yellowblue.io
8 api.permutive.com assets.guim.co.uk
7 pixel-sync.sitescout.com 7 redirects
7 s0.2mdn.net www.theguardian.com
s0.2mdn.net
7 secure.adnxs.com 7 redirects
7 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
u.openx.net
s.amazon-adsystem.com
7 ups.analytics.yahoo.com 6 redirects us-u.openx.net
7 i.liadm.com 6 redirects ads.pubmatic.com
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
cs-server-s2s.yellowblue.io
6 events-ssc.33across.com de.tynt.com
us-u.openx.net
visitor.omnitagjs.com
6 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
visitor.omnitagjs.com
6 cds.connatix.com cd.connatix.com
cds.connatix.com
6 bh.contextweb.com 6 redirects
6 onetag-sys.com s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
elb.the-ozone-project.com
pbs-cs.yellowblue.io
5 b1sync.zemanta.com 5 redirects
5 image6.pubmatic.com ads.pubmatic.com
5 secure-assets.rubiconproject.com 5 redirects
5 csync.loopme.me 4 redirects visitor.omnitagjs.com
5 sync.targeting.unrulymedia.com 5 redirects
5 ad.turn.com 5 redirects
5 idsync.rlcdn.com 3 redirects us-u.openx.net
www.theguardian.com
5 sync.srv.stackadapt.com 5 redirects
5 ads.pubmatic.com s.amazon-adsystem.com
cds.connatix.com
assets.guim.co.uk
elb.the-ozone-project.com
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 contributions.guardianapis.com assets.guim.co.uk
www.theguardian.com
4 a.audrte.com 3 redirects www.theguardian.com
4 simage4.pubmatic.com ads.pubmatic.com
4 cms.quantserve.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 dis.criteo.com 4 redirects
4 id.rlcdn.com 2 redirects visitor.omnitagjs.com
4 cdn.doubleverify.com www.theguardian.com
4 sync.ipredictive.com 4 redirects
4 api.nextgen.guardianapps.co.uk assets.guim.co.uk
4 match.sharethrough.com 3 redirects cs-server-s2s.yellowblue.io
4 ssbsync.smartadserver.com 3 redirects visitor.omnitagjs.com
4 ads.yieldmo.com 3 redirects visitor.omnitagjs.com
4 px.ads.linkedin.com 1 redirects sync.go.sonobi.com
cs-server-s2s.yellowblue.io
eb2.3lift.com
4 pagead2.googlesyndication.com assets.guim.co.uk
tpc.googlesyndication.com
www.googletagservices.com
4 sb.scorecardresearch.com 2 redirects www.theguardian.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 cm.adgrx.com 3 redirects
3 rtb.openx.net 2 redirects us-u.openx.net
3 crb.kargo.com 1 redirects ads.pubmatic.com
visitor.omnitagjs.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 prebid.a-mo.net 2 redirects cs-server-s2s.yellowblue.io
3 um.simpli.fi 3 redirects
3 ums.acuityplatform.com 3 redirects
3 ads.stickyadstv.com 2 redirects elb.the-ozone-project.com
ads.stickyadstv.com
3 cm.adform.net 2 redirects cs-server-s2s.yellowblue.io
3 contextual.media.net 1 redirects cs-server-s2s.yellowblue.io
3 dpm.demdex.net 2 redirects sync.go.sonobi.com
3 creativecdn.com 3 redirects
3 p.rfihub.com 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 ap.lijit.com 2 redirects visitor.omnitagjs.com
3 krk2.kargo.com assets.guim.co.uk
3 htlb.casalemedia.com assets.guim.co.uk
3 tlx.3lift.com assets.guim.co.uk
3 bidder.criteo.com assets.guim.co.uk
3 grid.bidswitch.net assets.guim.co.uk
3 hbopenbid.pubmatic.com assets.guim.co.uk
3 apex.go.sonobi.com assets.guim.co.uk
3 aax.amazon-adsystem.com assets.guim.co.uk
3 www.google.com www.theguardian.com
tpc.googlesyndication.com
3 c.amazon-adsystem.com assets.guim.co.uk
3 i.guim.co.uk www.theguardian.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects www.theguardian.com
2 io.narrative.io 1 redirects ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 sync.richaudience.com 2 redirects
2 sync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 rubicon-match.dotomi.com 2 redirects
2 sync.mathtag.com 2 redirects
2 rtb.adentifi.com 1 redirects ads.pubmatic.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 match.adsby.bidtheatre.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 bttrack.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 sync.adotmob.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 bcp.crwdcntrl.net assets.guim.co.uk
www.theguardian.com
2 vop.sundaysky.com 2 redirects
2 de.tynt.com 1 redirects visitor.omnitagjs.com
2 ssum.casalemedia.com 2 redirects
2 ins.connatix.com cds.connatix.com
2 gum.criteo.com 1 redirects static.criteo.net
2 dt.adsafeprotected.com
2 static.criteo.net assets.guim.co.uk
2 sync.intentiq.com 1 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
www.theguardian.com
2 www.googletagservices.com www.theguardian.com
2 aorta.clickagy.com 2 redirects
2 t.adx.opera.com 2 redirects
2 tr.blismedia.com 1 redirects ce.lijit.com
2 r.bidswitch.net 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 live.rezync.com 2 redirects
2 pippio.com 1 redirects ssum-sec.casalemedia.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 hb-api.omnitagjs.com assets.guim.co.uk
2 analytics.twitter.com www.theguardian.com
2 t.co www.theguardian.com
2 cdn.brandmetrics.com assets.guim.co.uk
cdn.brandmetrics.com
2 cdn.permutive.com assets.guim.co.uk
2 cdn.confiant-integrations.net assets.guim.co.uk
cdn.confiant-integrations.net
2 www.google-analytics.com assets.guim.co.uk
1 mwzeom.zeotap.com www.theguardian.com
1 spl.zeotap.com 1 redirects
1 aa.agkn.com www.theguardian.com
1 dmp.adform.net 1 redirects
1 bpi.rtactivate.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 server.cpmstar.com 1 redirects
1 prebid-match.dotomi.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 sync.inmobi.com 1 redirects
1 pbs-cs.yellowblue.io elb.the-ozone-project.com
1 ad2.360yield.com 1 redirects
1 cookies.nextmillmedia.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com www.theguardian.com
1 pm.w55c.net 1 redirects
1 b1h-euc1.zemanta.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 hbx.media.net 1 redirects
1 match.sync.ad.cpe.dotomi.com visitor.omnitagjs.com
1 e.serverbid.com visitor.omnitagjs.com
1 rbp.mxptint.net 1 redirects
1 usr.undertone.com visitor.omnitagjs.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync.aniview.com visitor.omnitagjs.com
1 s.tribalfusion.com visitor.omnitagjs.com
1 prebid-s2s.media.net visitor.omnitagjs.com
1 cs.minutemedia-prebid.com visitor.omnitagjs.com
1 exchange.mediavine.com visitor.omnitagjs.com
1 i6.liadm.com visitor.omnitagjs.com
1 sync.outbrain.com visitor.omnitagjs.com
1 s2s.t13.io visitor.omnitagjs.com
1 s.seedtag.com visitor.omnitagjs.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 pixel-eu.rubiconproject.com 1 redirects
1 cms-xch-chicago.33across.com de.tynt.com
1 sync.bfmio.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 csync.smilewanted.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 js-sec.indexww.com assets.guim.co.uk
1 cdnjs.cloudflare.com s0.2mdn.net
www.theguardian.com
1 sync.resetdigital.co 1 redirects
1 tags.crwdcntrl.net cds.connatix.com
1 connatix-supply-partners.tremorhub.com 1 redirects
1 i.ctnsnet.com 1 redirects
1 hde.tynt.com cds.connatix.com
1 lit.connatix.com cds.connatix.com
1 mug.criteo.com
1 rtb0.doubleverify.com www.theguardian.com
1 protected-by.clarium.io www.theguardian.com
1 va6-bid.adsrvr.org www.theguardian.com
1 ox-rtb-us-east4.openx.net www.theguardian.com
1 z.moatads.com www.theguardian.com
1 choices.truste.com www.theguardian.com
1 hb.yahoo.net s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com cs-server-s2s.yellowblue.io
1 pixel-us-east.rubiconproject.com 1 redirects
1 cd.connatix.com www.theguardian.com
1 image4.pubmatic.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 s.company-target.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 api.intentiq.com sync.go.sonobi.com
1 d.turn.com sync.go.sonobi.com
1 id5-sync.com sync.go.sonobi.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pubads.g.doubleclick.net
1 bid.g.doubleclick.net www.googleadservices.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co assets.guim.co.uk
1 stats.g.doubleclick.net assets.guim.co.uk
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 at.teads.tv assets.guim.co.uk
1 cdn.adsafeprotected.com assets.guim.co.uk
1 www.googleadservices.com assets.guim.co.uk
1 static.ads-twitter.com assets.guim.co.uk
1 a.teads.tv assets.guim.co.uk
1 www.theguardian.com
0 ads.servenobid.com Failed elb.the-ozone-project.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 csm.va.us.criteo.net Failed gum.criteo.com
0 vid.connatix.com Failed cds.connatix.com
0 imasdk.googleapis.com Failed cds.connatix.com
0 as.jivox.com Failed www.theguardian.com
0 rtbc-ue1.doubleverify.com Failed cdn.doubleverify.com
0 cs.media.net Failed
0 xsync.iqzone.com Failed cds.connatix.com
595 241

This site contains no links.

Subject Issuer Validity Valid
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-14 -
2024-12-15		 a year crt.sh
ophan.theguardian.com
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
api.permutive.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
the-ozone-project.com
E1		 2023-10-26 -
2024-01-24		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
connatix.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-22 -
2024-03-20		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh

This page contains 83 frames:

Primary Page: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Frame ID: 3165DE24E9D69305A5A82F0A49A908A2
Requests: 193 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
Frame ID: 06FDEB8F7196752E486B36F51A8EF160
Requests: 7 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 0B4D74665A4CBF1FBF4B5BF3386F62F8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Frame ID: CED9C683C9B6D9D5CD7F47F341C78D76
Requests: 1 HTTP requests in this frame

Frame: https://cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D545912F865840694A5D7CF0146A608
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: AC0F3B86D40BDD4539BCCEC808874F50
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 4368C45D3E2D6BA9E5F6FAAFF44E3731
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 1897F48E61FA32CE6823038158BB0ED0
Requests: 11 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: DDE04FB9BEB9B352634A5DC45EBB2B60
Requests: 17 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: FCB3714A5035700292030A47A4E04FED
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2992174037707784947&gdpr=0&gdpr_consent=
Frame ID: C4DB6487D5390ED4410DD03C22859A82
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7124857179851734154&ex=appnexus.com
Frame ID: EC4C5C7CF285B386512A35795EE555B1
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: BCAC5FF47B0195F785CE8B23337652A4
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 4670135A924C04BBF8417E4C255C4EB1
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=119942835268329456868
Frame ID: 1FD3DD2D2EAE0C1B00F4E9C76BE9A563
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 9B14C0A575603BFA4D127ADA9AD471E2
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 8BB45ECDE8F18E99A7915DE2065F06E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EC7F379B9C2F1E793B6093A115ED9C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6D18EAEB5D8A357D76FB2EF32245A36
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&redir=true&gdpr=0&gdpr_consent=
Frame ID: DC25A272180AE587C2FEB1663586BC92
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDFC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Frame ID: 39F89BEF748FE5E23417701BBB624C89
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk9naxpRXalPMKUeA1W1O6nSxvnVSD_NF0aGbGsmbQBNkqOsGrcBz_tOn1utpeB_Eu_o16lRNecIO_ArqVrQq5aCmjSoH-i9Y3z8cDhE5LnKRniXqg8arXRbKQzFUnaCL4jUvalZBCs9sdEi_zcqyNkW9qtk6SJSfW0im63E6HYuBo6dK2B6towmpY9rE35ypIeUVF9FImoGFp4XOu-TvR5-BmcIO8wyxY09ycAnj5U1f0mPN-buWVd52Fc5NjbdelqyiKJ4s9jOAfcG-cMjRKLa8dPNmAbAMZWAbyUf1B7OU82hyrCR9FfCJDx-kFGC2y6g7pY3SmkkQsokUEYDokol3aXzHDSGffbXXQwXQvXd8tIRRnvONGJqt_4fXyhd-Dkb26a2kh5MN_3OJaIQ&sai=AMfl-YTpwf-96dR_LNTOu9yVsjZfMlcK7J5aQ4kkRZf7zoyhAHgt4INrhqDLGqQwO3xodH3-LQVsvLpr1NxBdjRTBC_O9pVk3hergTKCrL_dkv_wZN5nJ6EjOnmoOalZJg&sig=Cg0ArKJSzDMDOaL1loUDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5EFF6C110E0E2A777F3B49911D6734F2
Requests: 5 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: A2DDDD7323511703363BB8D18C9E7645
Requests: 19 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10249&campId=550x310&pubId=4856441909&chanId=61700127&placementId=5681484409&pubCreative=138446491910&pubOrder=2747822805&custom=article&custom2=inline1&custom3=us&adsafe_par&impId=e1c71d8a-9a83-11ee-89e6-023710ff5829
Frame ID: 1DFD4793871ED2E2FD887669317FCD52
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7B262B714813B985DA17F28A271B35F6
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVl5c6XpUKVQVvujE4TTIaHTP4HZBnb7HQUG6hfXsEdPcJ6U07NuBF1bEOG7_1uGUjw0gWyf0RSA46W7p1pMimYMBRuh8j0O-FPnV9baa778fu78thDmzZJpSA7YgspNIpp45qt4ge06Cvb6uUbIa7qwsBDgyqpHn2bnlx5YH7dnhVFHey6M3xzslulTRkMalZRwyFeo-On8HIR7MyEWfVOdJ5fvDcQoxVYduwlsaEgbnhyGdlCdcwFMcIW7Gg_HsxpJa9_Zvh51Ee5C3Hk2jAT_2wIC_rMgsw3msysCZdDXWcINk6aPrTsLkuapix-9joOcnracHxxKsw-_KAXwVv4JQ6poYlKfVVx2UH5ubjvlL00fWH3b134Z0S7eZIgKpcjTaYWOT8G45NjYKnsh-kuA&sai=AMfl-YTohnNwNJyUSDc-Sacg8U6IQL167zRMlyj9kc7l8-dqWwWOhphQx8XwW6VRSHp7n64selEn6SRg6EY4uusV84fQ5WtJzpC1PpzhaPNSi4MrgeFqWouWi7qMn12cnQ&sig=Cg0ArKJSzOiIR6_hp2pyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 4E2685FB26AC7842B472AF59EE8FC81B
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/iframe_buster_200_260.js
Frame ID: A0B4F4DAAFDA55CBCE88D4C9F6F1E138
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Frame ID: A4C95E323E970F76969D940B47D1624E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
Frame ID: E47B1746E3C48E1FB1DB92F5BF40C284
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: A23BCE653A3C84C8E215F646D2E3CC25
Requests: 2 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Frame ID: 06F21C17D0C4A88A74AB1557C6037080
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3DPubmatic%26tier%3D1%26DemandPartnerUserId%3D&gdpr=0
Frame ID: E04C44921B407C2251029742062345DF
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d4235b744549846ab93810afb46e7b692%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Frame ID: 2FDFACA27EAAA29378D99359260D0332
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 44C982509ACE72671A622F9CC3125182
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Frame ID: 0CE8AEB48D4848BD2FF035259C1176A9
Requests: 22 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 0E60A13F5CAAF2E10FE817D63A90F74F
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Frame ID: FC662B41274756C28CFA8A6CBDDAD215
Requests: 18 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Frame ID: D376AC6310CAE81ABF39DBAFDEF2FABD
Requests: 30 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0E37EF49B4E68B3BDEF06D91AA62C268
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 080A5FA6F62DE9B2608DFB327D5CCFCE
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: C6E97BD469A84AEB77677D22F2C6E580
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 8F9B8B3C71A87B12359AD137EA426582
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 3584EB0103753B5D54AF6CA0BE058681
Requests: 20 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: 3D5132C834694A9AA083E646BF8A0D83
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 5C814F5EBE1D7835695D6DCE78A64DC2
Requests: 6 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A6A38D56D470905C3249867AEC249F1F
Requests: 1 HTTP requests in this frame

Frame: https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Frame ID: 1F768691929D4BEE4F63444EF92DC6F5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 0844CA3E31F9D0380AB6FD5AF894AC59
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXsBrwAG4O4N7wBU
Frame ID: 3EC545C6EB9B689164B09DFEF0CB6D72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79ee1b5-2031-41e8-900b-1a554427a5d8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: A3067A647B835B33ACA3CB9F41795CCB
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: EFDCB081FB4F6CFC7A09E4196811D045
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FBC39B9F9F69CEDAEFA0717AAA98DB36
Requests: 10 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Frame ID: 6F04C6BF4B519904CC346A40C347C7BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=935250ca-a545-48f5-9af9-b2e5e5320cdf
Frame ID: 81B8B880252E1B672B75B94D1B09721B
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=bd6d9b85d016104917a3743e822f3a37
Frame ID: ABE66E6AC5E55810C4567FA83F12DC29
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 36822031194DAD8F0241062F2B17710F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e4155534-9a83-11ee-b616-b78795e4e1b7
Frame ID: BB2954F465EF97C3D559626B5A74ECA7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Frame ID: F63B1D8FE749537D7DD526B3F4B2F632
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5qefavUm1RdLG05&gdpr=0&gdpr_consent=
Frame ID: A1CBEA57DEE337FC5682319FD632923B
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Frame ID: BCEE61C74D7624C8D73746F70057DF90
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314646804484354
Frame ID: 8D67453D45AFCC4426B757E476256D01
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: A112909AF3DCE62AE33A8814780148C9
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 40836C15F10C5BC87C17F88F2132C138
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdf40ffcc56f0457bacc633de0ff751f9
Frame ID: D9BE9BB63B67C9B477A6E934B16FDE09
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=864661978466
Frame ID: DE1F0AC9760DB63AD337E2EBEA818EBB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
Frame ID: F0327FC12A67699ADB19CAFA51C5EE80
Requests: 2 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=310&uid=H0eCePZHYKqpHbQzR42fHIsP&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID
Frame ID: 1E971E9F39AAB3068C89EE4528CA859D
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Frame ID: D83099B15654BDEBA1C38053E4F726B2
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: A904D387CF817601B318548C752E465A
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212257090824875
Frame ID: E7A2FD135E611374BBB32ECB6982D9F4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 5BA3540A87FDB476051B5ADB2415CD95
Requests: 13 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 9C8F89DBE05778385A86C7501B680CDC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C8424E097EEAE8BB49B4BB43EB3EB2FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8616657b-01af-4e00-8f0f-56f36e2239ec&gdpr=0&gdpr_consent=
Frame ID: 8B9090EF7E2C84B412C0F55D17296A5B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zTIyQveBA8eDRC-WtQF7ZQ
Frame ID: D4C086EE423BC36B4436EC98A9063226
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CDEFD3B6020A2FE2C4EF9FBC1AF9C392
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
Frame ID: 9FC532D706602751E0DE74104086D25E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 8F80324A9C0D3A3071859CE908D89D44
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B5D0E5AA848B7DB6164EC7CFD0761244
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7558465811446236429
Frame ID: CF9929775A79B63772AA260744A4034D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F&gdpr=0&gdpr_consent=
Frame ID: 552CE39353DD5736C40640241CC39953
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Frame ID: E26A116E3DD40D6A50B85624B949A14E
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Frame ID: D4E4E401412C50827A1E0A4EF4E61499
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

595
Requests

59 %
HTTPS

19 %
IPv6

148
Domains

241
Subdomains

139
IPs

13
Countries

3286 kB
Transfer

10721 kB
Size

338
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 88
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1702560170996&ns_c=UTF-8&cs_ucfr=1&comscorekw=Ukraine%2CRussia%2CFood%2CWorld%20news%2CVladimir%20Putin%2CFarming%2CEnvironment%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&c8=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle%20%7C%20Ukraine%20%7C%20The%20Guardian&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1702560170996&ns_c=UTF-8&cs_ucfr=1&comscorekw=Ukraine%2CRussia%2CFood%2CWorld%20news%2CVladimir%20Putin%2CFarming%2CEnvironment%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&c8=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle%20%7C%20Ukraine%20%7C%20The%20Guardian&c9=
Request Chain 136
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 154
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 155
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2992174037707784947&gdpr=0&gdpr_consent=
Request Chain 156
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7124857179851734154&ex=appnexus.com
Request Chain 157
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 159
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=119942835268329456868
Request Chain 161
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=dae20180-897d-4967-862d-184aeca4dd29&google_hm=ZGFlMjAxODAtODk3ZC00OTY3LTg2MmQtMTg0YWVjYTRkZDI5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEYDwNriePkhv_7i74UrCTQ&google_cver=1&ssp=sonobi&bsw_param=dae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Request Chain 162
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=a8eab6db-f103-457f-bed9-4e45a07b3671&pubid=91e92b73fd
Request Chain 163
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970314646804484354
Request Chain 164
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4f1de70f-98b5-4f31-a55d-78f855a57328&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dzNhWFNRemJINjNCaXloMk9uLVg0Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELzmATKFen5ixv2KJGwQzKY&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=9sqhxA1ot6tb
Request Chain 165
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=2w51-qyfWF5reWb4xqKsmAW16oU
Request Chain 166
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&pi=sonobi&tc=1
Request Chain 167
  • https://id5-sync.com/s/434/9.gif?puid=4f1de70f-98b5-4f31-a55d-78f855a57328&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=4f1de70f-98b5-4f31-a55d-78f855a57328&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F8%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/8/2.gif?puid=32b239a0-ab2d-4809-b73e-d37dda384a87&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/7/3.gif?puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a8eab6db-f103-457f-bed9-4e45a07b3671&ttl=%%TTL%% HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F5%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F5%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/5/5.gif?puid=cd1347e3-c502-4545-a8eb-66a3dc736273&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a8eab6db-f103-457f-bed9-4e45a07b3671&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1245%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1245/4/6.gif?puid=H0eCePZHYKqpHbQzR42fHIsP&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F3%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/3/7.gif?puid=935250ca-a545-48f5-9af9-b2e5e5320cdf&gdpr=0&gdpr_consent=
Request Chain 170
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=4f1de70f-98b5-4f31-a55d-78f855a57328 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4f1de70f-98b5-4f31-a55d-78f855a57328
Request Chain 173
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4f1de70f-98b5-4f31-a55d-78f855a57328 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=4f1de70f-98b5-4f31-a55d-78f855a57328 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
Request Chain 174
  • https://idsync.rlcdn.com/711892.gif?partner_uid=4f1de70f-98b5-4f31-a55d-78f855a57328 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDRmMWRlNzBmLTk4YjUtNGYzMS1hNTVkLTc4Zjg1NWE1NzMyOBAAGg0IrIPsqwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&rand=01518922 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&rand=01518922&expected_cookie=376fdda2-b5bd-4afc-bd00-0b2009f1f3bc
Request Chain 175
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7124857179851734154
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NGYxZGU3MGYtOThiNS00ZjMxLWE1NWQtNzhmODU1YTU3MzI4 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEINMoF69x7PODaEAliiFmWQ&google_cver=1
Request Chain 177
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=CiMR8SkqdVpl&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 178
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=dae20180-897d-4967-862d-184aeca4dd29
Request Chain 179
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkM2Q0E4QzctMUQwQi00NjkzLUEzNUQtNTBBRTlDRkUwNzNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Request Chain 180
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 181
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1702560172171 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2069970713 HTTP 302
  • https://sync.1rx.io/usersync/turn/8162894186595708908?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
Request Chain 182
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
Request Chain 185
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=bd6d9b85d016104917a3743e822f3a37&gdpr_consent=&gdpr=0
Request Chain 186
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7124857179851734154&gdpr=0&gdpr_consent=
Request Chain 187
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212257090824875
Request Chain 188
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=7387344376717378074&gdpr=0&gdpr_consent=
Request Chain 189
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=80a24722-2b89-421d-85a3-ae506458ad51&gdpr_consent=null&gdpr=0
Request Chain 190
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
Request Chain 191
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=74b1d8e2-6262-07ad-2e94-7ed723f6912d
Request Chain 194
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6e526da762fa44a3835e3b76e37652d4 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=6e526da7-62fa-44a3-835e-3b76e37652d4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=8d60d335-1254-4654-8994-a83540b3f21b%3A1702560172.2972653&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D8d60d335-1254-4654-8994-a83540b3f21b%253A1702560172.2972653%26pid%3D500040%26it%3D1%26iv%3D8d60d335-1254-4654-8994-a83540b3f21b%253A1702560172.2972653%26_%3D1702560172.3000627&cb=1702560172.3001065 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=970314646804484354&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D8d60d335-1254-4654-8994-a83540b3f21b%253A1702560172.2972653%26pid%3D500040%26it%3D1%26iv%3D8d60d335-1254-4654-8994-a83540b3f21b%253A1702560172.2972653%26_%3D1702560172.3000627 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=8d60d335-1254-4654-8994-a83540b3f21b%3A1702560172.2972653&pid=500040&it=1&iv=8d60d335-1254-4654-8994-a83540b3f21b%3A1702560172.2972653&_=1702560172.3000627 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1702560172.3000627&iv=8d60d335-1254-4654-8994-a83540b3f21b:1702560172.2972653
Request Chain 195
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXsBrLkpbmgLgq-N6q8TEAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDYeipgiL0nDeFIItttmJXw&google_cver=1
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqmzepauFfwlk1IukGnwJo&google_cver=1
Request Chain 197
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671&expiration=1705152172&gdpr=0&gdpr_consent=
Request Chain 198
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e2aa92fd-0faa-8e2b-ff104402
Request Chain 199
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718371372&external_user_id=7a4d9276-e30b-451d-83dc-676b8686a4ec
Request Chain 200
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
Request Chain 202
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 207
  • https://match.adsrvr.org/track/cmf/openx?oxid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0&gdpr_consent=
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHyc3nE5cA0fDNAsf-6UB8&google_cver=1
Request Chain 213
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dae20180-897d-4967-862d-184aeca4dd29&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dfmx%26bsw_param%3Ddae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dfmx%252526bsw_param%25253Ddae20180-897d-4967-862d-184aeca4dd29%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7124857179851734154&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dfmx%2526bsw_param%253Ddae20180-897d-4967-862d-184aeca4dd29%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=fmx&bsw_param=dae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Request Chain 215
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPUdf40ffcc56f0457bacc633de0ff751f9&gdpr=0&gdpr_consent=&pid=103
Request Chain 216
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H0eCePZHYKqpHbQzR42fHIsP&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=ZXsBrOGIX1XokO07UVDFE6G7
Request Chain 217
  • https://ums.acuityplatform.com/tum?umid=27&uid=H0eCePZHYKqpHbQzR42fHIsP&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=864661978466
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Gyoxx0LRpOjXVCunP4HOw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 228
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7124857179851734154&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEImOySoVrPVVKvK0y6QX99c&google_cver=1
Request Chain 232
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F
Request Chain 233
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=
Request Chain 235
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EkOz6F9E2uU3v6Vnv8fprDU6jo4DbKo-~A&gdpr=0
Request Chain 244
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LQ58D8TE-Z-KF35 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbafcziX8on-tLySi3Kzig&google_cver=1
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=D2OErdoWQ223EhhZL8coaQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D2OErdoWQ223EhhZL8coaQ
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ58D8TE-Z-KF35&ex=d-rubiconproject.com&status=ok
Request Chain 260
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ58D8TE-Z-KF35
Request Chain 261
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rW1Xtjepk5U3msvxDEieuw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pbV9qd5E2oKSNbsyioLgWMzp78hWpRUYgU4poQ--~A
Request Chain 263
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=&expires=30
Request Chain 264
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc5NTQyNDBjYTc5MTUwM2RjMTU1OWRiMjcyYWQwY2NhZTJlMDgyZg
Request Chain 265
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFE1OEQ4VEUtWi1LRjM1 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGlZFflu8vn_mwWmBVWer6A&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE1OEQ4VEUtWi1LRjM1&google_push=
Request Chain 266
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACbNU7K9gMAABLqgtK56w&expires=30
Request Chain 267
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ58D8TE-Z-KF35
Request Chain 268
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ58D8TE-Z-KF35
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ58D8TE-Z-KF35
Request Chain 270
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=935250ca-a545-48f5-9af9-b2e5e5320cdf&expires=30
Request Chain 271
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ58D8TE-Z-KF35 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ58D8TE-Z-KF35 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ58D8TE-Z-KF35&ckls=true&ci=xV54ja8gTG&nc=false&trid=685390935
Request Chain 272
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ58D8TE-Z-KF35&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ58D8TE-Z-KF35&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS13bHlEZkt0RTJ1SEw5dFNFQU56YTBzbGVaN19kZ2tSOH5B&ovsid=LQ58D8TE-Z-KF35&dpid=58160
Request Chain 300
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
Request Chain 310
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=JcqwZHxWUG1raW1ZS2RVT1NienVtOUc5ckJVVXh3eHFjTjVqV3Y5emNrK1VFczh4dWQzWEE4NGhuOEdYNnZHb1hLWkd0Qk1RdC9weGlwZ2lSUWtTTGcrWVYyRUxPcThoTXU3SG5lZ1B4aTJwblRXbnYxVmJKTmlQY3lVTm5LQ3ZaenB5dGFybW9Tc2tyaHRkck1DNnBhU2tvRTMwMTEvbnJ5cGcwZDhFMStJVWdpZkpFeXlTNngzTklYNjRPZFoyalBzd2Y0U25XUVBrRWJJQURlbnNxZXliVXpYUzRBamZ6SVBWVEJZVFpnV0F1clZiSHYvd2N3QkxveFk4ZmxYclVjUUdVZ3VSaHMxUWNPNDhZNUUxenNiZVJVRHBvUWVuSjl3bUl5Q1F2ajROMlJYRT18&cppv=2
Request Chain 317
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=4235b744549846ab93810afb46e7b692&pname=Index&api-tier=1&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Request Chain 318
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=4235b744549846ab93810afb46e7b692&pname=Beeswax&api-tier=1&uid=AACbNU7K9gMAABLqgtK56w&gdpr=0
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=a8eab6db-f103-457f-bed9-4e45a07b3671&ttl=1705152173
Request Chain 320
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DAmobee%26api-tier%3D1%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=4235b744549846ab93810afb46e7b692&pname=Amobee&api-tier=1&uid=3775486543021645614
Request Chain 321
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=4235b744549846ab93810afb46e7b692&pname=TripleLift&api-tier=1&uid=119942835268329456868
Request Chain 322
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DAppNexus%26api-tier%3D1%26uid%3D%24UID=&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=4235b744549846ab93810afb46e7b692&pname=AppNexus&api-tier=1&uid=7124857179851734154=&gdpr=0
Request Chain 323
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=171665592 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a8eab6db-f103-457f-bed9-4e45a07b3671 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005%26pId%3D44 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&pId=44
Request Chain 324
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null HTTP 302
  • https://capi.connatix.com/us/pixel?puid=7387344376717378074&pId=40&gdpr=0&gdpr_consent=
Request Chain 325
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Request Chain 326
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Request Chain 328
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DPulsePoint%26api-tier%3D1%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=4235b744549846ab93810afb46e7b692&pname=PulsePoint&api-tier=1&uid=9sqhxA1ot6tb
Request Chain 329
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCrimtan%26api-tier%3D1%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=4235b744549846ab93810afb46e7b692&pname=Crimtan&api-tier=1&uid=5859e26ff7e74a5abd461b1685eb82c5
Request Chain 330
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DLoopMe%26api-tier%3D1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=4235b744549846ab93810afb46e7b692&pname=LoopMe&api-tier=1&uid=80a24722-2b89-421d-85a3-ae506458ad51&pubid=11186&gdpr=0
Request Chain 331
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D4235b744549846ab93810afb46e7b692%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553%2526gdpr%253D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D4235b744549846ab93810afb46e7b692%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553%2526gdpr%253D0&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCentro%26api-tier%3D1%26uid%3D79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=4235b744549846ab93810afb46e7b692&pname=Centro&api-tier=1&uid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0
Request Chain 332
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DYieldMo%26api-tier%3D1%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=4235b744549846ab93810afb46e7b692&pname=YieldMo&api-tier=1&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0
Request Chain 333
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=4235b744549846ab93810afb46e7b692&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DTelaria%26api-tier%3D1%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=4235b744549846ab93810afb46e7b692&pname=Telaria&api-tier=1&uid=5386f09ab60942b0bf03901dd195331f
Request Chain 334
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd6d9b85d016104917a3743e822f3a37&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 337
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=4235b744549846ab93810afb46e7b692&pname=SundaySky&api-tier=1&uid=d6.251ff9da82e243168276034676d00250
Request Chain 338
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DResetDigital%26api-tier%3D1%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=4235b744549846ab93810afb46e7b692&pname=ResetDigital&api-tier=1&uid=0000012266C77743
Request Chain 339
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DSonobi%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=4235b744549846ab93810afb46e7b692&pname=Sonobi&api-tier=1&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
Request Chain 340
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d4235b744549846ab93810afb46e7b692%26pname%3dSharethrough%26api-tier%3d1%26uid%3d%7BUSER_ID%7D HTTP 302
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0&gdpr_consent=null
Request Chain 342
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DAdelphic%26api-tier%3D1%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=4235b744549846ab93810afb46e7b692&pname=Adelphic&api-tier=1&uid=935250ca-a545-48f5-9af9-b2e5e5320cdf
Request Chain 343
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d4235b744549846ab93810afb46e7b692%26DemandPartnerName%3dOpenX%26tier%3d1%26DemandPartnerUserId%3d HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=4235b744549846ab93810afb46e7b692&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=508bb4d3-1c11-0707-2bc2-817996d42e10
Request Chain 346
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NDIzNWI3NDQ1NDk4NDZhYjkzODEwYWZiNDZlN2I2OTI&extra1=4235b744549846ab93810afb46e7b692&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
  • https://capi.connatix.com/us/google/report?extra1=4235b744549846ab93810afb46e7b692&gdpr=0
Request Chain 347
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=4235b744549846ab93810afb46e7b692&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DColossus%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=34&ev=4235b744549846ab93810afb46e7b692&pname=Colossus&api-tier=1&uid=f3253eeb-da02-4471-8b96-2801d8188624
Request Chain 354
  • https://cks.connatix.com/cks?pid=24&ev=4235b744549846ab93810afb46e7b692&pname=IronSource&api-tier=1&uid=IBg4oAn-Cp_s&direct=1 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=IBg4oAn-Cp_s&UserId=&tier=1
Request Chain 359
  • https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=4235b744549846ab93810afb46e7b692 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3775486543021645614 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 375
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a8eab6db-f103-457f-bed9-4e45a07b3671&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 376
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE5OTQyODM1MjY4MzI5NDU2ODY4 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEnSqun3J6VIdM0J_pTbNAI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 378
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE5OTQyODM1MjY4MzI5NDU2ODY4
Request Chain 380
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/119942835268329456868?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-MOMsR_pE2oRJymcaZvd5VHMMYfzJ.zqw2RBmKBr1WA--~A&dongle=0883
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=119942835268329456868&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=61447524-3c78-4a5c-8342-ce68ffc0279d&ssp=triplelift&expires=30&user_group=5&bsw_param=dae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=dae20180-897d-4967-862d-184aeca4dd29&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 382
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=32b239a0-ab2d-4809-b73e-d37dda384a87&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 383
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7124857179851734154&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 388
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 389
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 390
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-TIhsrUhE2pkk.5ArNYDiR0iFsIUZigaBn35rOA--~A&expires=5&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=dae20180-897d-4967-862d-184aeca4dd29&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 392
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=a8eab6db-f103-457f-bed9-4e45a07b3671&name=THE_TRADE_DESK
Request Chain 394
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=b864874dd1a0265506a17c2418360a89&gdpr=0&gdpr_consent=
Request Chain 395
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACbNU7K9gMAABLqgtK56w&name=BEESWAX
Request Chain 396
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 397
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=80a24722-2b89-421d-85a3-ae506458ad51%20&gdpr_consent=null&gdpr=0
Request Chain 398
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 399
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3775486543021645614&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Request Chain 400
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ea220400de7a0f604f49a7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 401
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98$ip$5.181.234.133&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 403
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=bc8f40ee16e34a29bed3d140d1dec4b2&gdpr=0&gdpr_consent=
Request Chain 404
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=-2537189834654411034 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=ccb9bdcf-0efa-535c-84ef-2ea4e1942f0b&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 406
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=9a252594-fdfa-439d-b059-48e22fba9d97&gdpr=0&gdpr_consent=
Request Chain 407
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=a735f9cd-a79a-42c4-96d6-06cd1f5df56a&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 409
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 410
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 412
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 413
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 415
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYk5VN0s5Z01BQUJMcWd0SzU2dw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACbNU7K9gMAABLqgtK56w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACbNU7K9gMAABLqgtK56w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACbNU7K9gMAABLqgtK56w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACbNU7K9gMAABLqgtK56w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7387344376717378074&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACbNU7K9gMAABLqgtK56w&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 416
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7124857179851734154&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Request Chain 418
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXsBrwAG4O4N7wBU
Request Chain 419
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JIqtCSKO-w0_j_xTKoa3DSDd-Qo_2ahddowin3wa HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79ee1b5-2031-41e8-900b-1a554427a5d8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 420
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&vxii_pid=12&vxii_pid1=10067&vxii_rcid=524743a8-65d3-4645-8b2f-65b01a847ec9
Request Chain 424
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1bf3939c87cb241d&is_secure=true&networkId=17100&version=1&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB0F2ktG-tsAN-IM9-AAAAAAA&expiration=1702646575&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 425
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=935250ca-a545-48f5-9af9-b2e5e5320cdf&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5023303428203664878
Request Chain 426
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10DAE562F_1FED0DF4&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 428
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6038002063729600366
Request Chain 429
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7124857179851734154
Request Chain 434
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702560175029.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 435
  • https://ssc-cms.33across.com/ps/?_=1702560175029.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212257090824875&gdpr=0&gdpr_consent=
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1705152175%26external_user_id%3Da8eab6db-f103-457f-bed9-4e45a07b3671 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1705152175&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671
Request Chain 437
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702560175029.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Request Chain 438
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 439
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=2w51-qyfWF5reWb4xqKsmAW16oU HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=2w51-qyfWF5reWb4xqKsmAW16oU&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 440
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702560175029.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7124857179851734154
Request Chain 443
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQ58D8TE-Z-KF35 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
Request Chain 444
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&loc=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[UID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
Request Chain 446
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ea22040002f8105aa07fdc&gdpr=0&gdpr_consent=
Request Chain 447
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM4NzM0NDM3NjcxNzM3ODA3NA==&gdpr=0&gdpr_consent=
Request Chain 448
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6966150491777740634&gdpr=0&gdpr_consent=
Request Chain 449
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=7387344376717378074&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 451
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=833ff091-e7f7-06a6-1346-b904e66d4b5f&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZXsBrOGIX1XokO07UVDFE6G7
Request Chain 452
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Q-dOSBwLg8aDp27y0UZ_1A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 453
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=935250ca-a545-48f5-9af9-b2e5e5320cdf
Request Chain 454
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=
Request Chain 457
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=c977bb12-78ca-0c88-3aaa-a2b63bc424b6 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c977bb12-78ca-0c88-3aaa-a2b63bc424b6
Request Chain 458
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7124857179851734154
Request Chain 459
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3775486543021645614&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 460
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXsBrwAG4O4N7wBU
Request Chain 461
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
Request Chain 462
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ58D8TE-Z-KF35&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
Request Chain 463
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 464
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 465
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 466
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6464563808578484187
Request Chain 467
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2w51-qyfWF5reWb4xqKsmAW16oU
Request Chain 468
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=a735f9cd-a79a-42c4-96d6-06cd1f5df56a
Request Chain 469
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=32b239a0-ab2d-4809-b73e-d37dda384a87&gdpr=0
Request Chain 470
  • https://ad.turn.com/r/cs?pid=6&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3775486543021645614&expires=60&gdpr=0&gdpr_consent=
Request Chain 471
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7124857179851734154&expires=30&gdpr=0
Request Chain 472
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2013%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=822783911 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2013/8616657b-01af-4e00-8f0f-56f36e2239ec?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
Request Chain 473
  • https://id.rlcdn.com/709414.gif?gdpr=0 HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 474
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&expires=360&gdpr=0&gdpr_consent=
Request Chain 475
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQ58D8TE-Z-KF35&gdpr=0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ58D8TE-Z-KF35&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 476
  • https://match.deepintent.com/usersync/143?gdpr=0 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_0017631c80754d2ab5c95
Request Chain 477
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 478
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQ58D8TE-Z-KF35?gdpr=0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ58D8TE-Z-KF35&obUid=&initiator=&gdpr=0
Request Chain 480
  • https://token.rubiconproject.com/token?pid=49096&gdpr=0 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ58D8TE-Z-KF35&gdpr=0 HTTP 303
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 481
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 482
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 483
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
Request Chain 484
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 485
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXsBrwAG4O4N7wBU&gdpr=0
Request Chain 486
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0 HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e4155534-9a83-11ee-b616-b78795e4e1b7&expires=60
Request Chain 487
  • https://um.simpli.fi/rb_match?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7772916224FC42C8A0D6CD8EA9C90A5F&expires=365
Request Chain 488
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=BNPibioAZsNFnH1mmWFHNQ&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=3ae60d881339241d&is_secure=true&networkId=12783&version=1&nuid=BNPibioAZsNFnH1mmWFHNQ&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAB0F2ktG-tsgNPaKOEAAAAAAA&expiration=1702646575&nuid=BNPibioAZsNFnH1mmWFHNQ&is_secure=true&gdpr=0
Request Chain 489
  • https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0 HTTP 307
  • https://pixel.rubiconproject.com/tap.php?v=12406&nid=2540&put=657B01ACC5F8B7699371AF6CBLIS&expires=30
Request Chain 490
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 491
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet&gdpr=0 HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 492
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864&gdpr=0 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 493
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=9sqhxA1ot6tb&ev=1&pid=560687&gdpr=0
Request Chain 494
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0
Request Chain 495
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 496
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7312440271109945492&expires=730&gdpr=0
Request Chain 497
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 498
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 499
  • https://ums.acuityplatform.com/tum?umid=2&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=864661978466&expires=30&us_privacy=1---
Request Chain 500
  • https://b1sync.zemanta.com/usersync/rubicon/?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=MF_DK0ca-rYwg9tzmgTO&gdpr=0
Request Chain 501
  • https://rbp.mxptint.net/sn.ashx?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10DAE562F_1FED0DF4&expires=60
Request Chain 502
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=8_PRzPX3h8jo9oCW_f_LyPekhc_ooNSYofUVx81j
Request Chain 503
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856&gdpr=0 HTTP 302
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 504
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme&gdpr=0 HTTP 302
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 505
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon&gdpr=0 HTTP 302
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 506
  • https://match.adsby.bidtheatre.com/rubiconmatch?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=370cc22f-cf69-401b-bdaa-5ae126186c01
Request Chain 507
  • https://ssbsync.smartadserver.com/api/sync?callerId=87&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=7387344376717378074&gdpr=0&gdpr_consent=
Request Chain 508
  • https://rtb.adentifi.com/CookieSyncRubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_e3eff050-9a83-11ee-b183-121a6d1d7927&expires=1825
Request Chain 509
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Request Chain 510
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%3Cvsid%3E HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3455617720813374000V10
Request Chain 513
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7124857179851734154
Request Chain 514
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACbNU7K9gMAABLqgtK56w&expiration=1703769775
Request Chain 515
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Rt_OnEDbmJhd2p_GSNPUmEKImp9djMvIFNkn0SFA
Request Chain 516
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=546081868503611178&expiration=1703769769
Request Chain 517
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dae20180-897d-4967-862d-184aeca4dd29&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dindex%26bsw_param%3Ddae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dindex%252526bsw_param%25253Ddae20180-897d-4967-862d-184aeca4dd29%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=50144256947007183211867252614357196588&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dindex%2526bsw_param%253Ddae20180-897d-4967-862d-184aeca4dd29%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=dae20180-897d-4967-862d-184aeca4dd29 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Request Chain 518
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3978200c-b893-457a-bcc4-bbc39cf6e216&expiration=1734182575
Request Chain 519
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=5859e26ff7e74a5abd461b1685eb82c5&expiration=1705152175
Request Chain 522
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=bd6d9b85d016104917a3743e822f3a37&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume914a_7313579709520749416&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACbNU7K9gMAABLqgtK56w&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/bd6d9b85d016104917a3743e822f3a37?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-xFBc.MdE2oM7yrOZf.vZF2VHI2SPQc01jfLAfrVQ~A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmQ2ZDliODVkMDE2MTA0OTE3YTM3NDNlODIyZjNhMzc=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELX6jpEEiNw4b71TuvlBdRU&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=5qefavUm1RdLG05&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent= HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=3689d91e-b12c-4aef-8922-534aedc7ad33 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3825571&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=935250ca-a545-48f5-9af9-b2e5e5320cdf
Request Chain 524
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=546081868503611178
Request Chain 525
  • https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D__ZUID__ HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Request Chain 526
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PDID] HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PDID]&rd=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3edc116a-6db0-4018-b127-1zz1702560168
Request Chain 530
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e4155534-9a83-11ee-b616-b78795e4e1b7
Request Chain 531
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Request Chain 532
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5qefavUm1RdLG05&gdpr=0&gdpr_consent=
Request Chain 533
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=3978200c-b893-457a-bcc4-bbc39cf6e216&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Request Chain 534
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314646804484354
Request Chain 535
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 537
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdf40ffcc56f0457bacc633de0ff751f9
Request Chain 538
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=864661978466
Request Chain 540
  • https://idsync.rlcdn.com/712188.gif?partner_uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJKC3A0bk5soKHPcrOVsGlk&google_cver=1
Request Chain 544
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Request Chain 545
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[NMUID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Request Chain 546
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FXR_emJE2uEqo14QqNHzWZDNqQb9jJKyG6wqE1A-~A&gdpr=0
Request Chain 547
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=cd1347e3-c502-4545-a8eb-66a3dc736273
Request Chain 548
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?uid=AACbNU7K9gMAABLqgtK56w&bidder=beeswax
Request Chain 549
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Request Chain 552
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=e45e91f7-80dc-e344-3f66-38dfed6c98f2&us_privacy=pbs-ozone
Request Chain 553
  • https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dae20180-897d-4967-862d-184aeca4dd29&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dozone%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=ozone&user_id=
Request Chain 554
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=a8eab6db-f103-457f-bed9-4e45a07b3671
Request Chain 555
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H0eCePZHYKqpHbQzR42fHIsP
Request Chain 556
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=a56f4bbb-0c12-0901-0e5f-e250830487e3
Request Chain 557
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[RX_UUID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
Request Chain 558
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Request Chain 559
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7124857179851734154&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&rndcb=8655447867 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3Ddae20180-897d-4967-862d-184aeca4dd29%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=bc8f40ee16e34a29bed3d140d1dec4b2&ssp=adconductor&bsw_param=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/dae20180-897d-4967-862d-184aeca4dd29?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=317&uid=7387344376717378074&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D4%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=3455617720813374000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=H0eCePZHYKqpHbQzR42fHIsP&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID
Request Chain 562
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$UID HTTP 303
  • https://cs.yellowblue.io/cs?aid=11606&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=546081868503611178
Request Chain 563
  • https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E HTTP 302
  • https://cs.yellowblue.io/cs?aid=11585&id=3455617720813374000V10
Request Chain 566
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{ID5UID} HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%7BID5UID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g
Request Chain 567
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=dae20180-897d-4967-862d-184aeca4dd29
Request Chain 568
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7387344376717378074
Request Chain 569
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AQELOE5v663ewAIF9zgLAQEBAQE&expiration=1702646581
Request Chain 570
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5250%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D0a85c1a2-f77a-482f-b519-c344e05b647d%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9lbGIudGhlLW96b25lLXByb2plY3QuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9cGJzLW96b25lJnVpZD0kVUlE%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/5250?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=0a85c1a2-f77a-482f-b519-c344e05b647d&bidder=appnexus&cbx=aHR0cHM6Ly9lbGIudGhlLW96b25lLXByb2plY3QuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9cGJzLW96b25lJnVpZD0kVUlE&uid=7124857179851734154 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0a85c1a2-f77a-482f-b519-c344e05b647d
Request Chain 571
  • https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212257090824875
Request Chain 572
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=119942835268329456868
Request Chain 575
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dpubmatic%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=zMdF8BAI_AxXcRp4ZaGS0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 576
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 577
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8616657b-01af-4e00-8f0f-56f36e2239ec&gdpr=0&gdpr_consent=
Request Chain 578
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zTIyQveBA8eDRC-WtQF7ZQ
Request Chain 580
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=1601502127 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553?zcc=0&sspret=1&rndcb=1601502127 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
Request Chain 583
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7558465811446236429&uid=Q7558465811446236429&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7558465811446236429
Request Chain 584
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F&gdpr=0&gdpr_consent=
Request Chain 587
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-xSmA-U1AbfJ2eIQDrgpC_1p1VL7m7tDswtqVdQ HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=6e526da7-62fa-44a3-835e-3b76e37652d4 HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&gdpr=0&user_id=o3Ya5qVyTOK4c0u8rXoA4qchTuW4JR-y8XDmMON8 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dae20180-897d-4967-862d-184aeca4dd29
Request Chain 589
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=e7c6c1e0-9a83-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Request Chain 594
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWw5cW9SdjRwY2VTNmUxOU8xRG9OZ3JkZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=546081868503611178&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 596
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 597
  • https://pixel.onaudience.com/?partner=214&mapped=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=a8eab6db-f103-457f-bed9-4e45a07b3671&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ed5e970f381e7905 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=61aeb2ab-3ec0-4eff-4f38-e3822efaa746&reqId=8383a402-316e-4c6a-6401-20a67e893ac3&zcluid=ed5e970f381e7905&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEM8FwwM3KnHmWeZLP6tKkyQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=61aeb2ab-3ec0-4eff-4f38-e3822efaa746&reqId=8383a402-316e-4c6a-6401-20a67e893ac3&zcluid=ed5e970f381e7905&zdid=1332

595 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
www.theguardian.com/world/2023/dec/11/ 		290 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b11fc94fb25257e469cd3c0bcb2971bc4ea615bc3240d4cf07923d18c88b09b
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
7
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
content-encoding
gzip
content-length
49171
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:22:50 GMT
etag
W/"hash2364216778331466054"
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
link
<https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/frameworks.web.bd643d6f240ee6667122.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true>; rel=prefetch,,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-gu-dotcomponents
true
x-gu-edition
us
x-gu-frontend-git-commit-id
c55ffe16d6beaa774b5a7f47113a22cd69642dc0
x-timer
S1702560170.333833,VS0,VE71
x-xss-protection
1; mode=block
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		0
917 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
age
1403678
detected-user-agent
Chrome/120.0.0
x-cache
MISS
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
154
x-served-by
cache-lga21975-LGA
referrer-policy
origin-when-cross-origin
x-timer
S1702560170.424161,VS0,VE75
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
frameworks.web.bd643d6f240ee6667122.js
assets.guim.co.uk/assets/ 		0
21 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.web.bd643d6f240ee6667122.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
_dUbR7wAuDJIL04T64PSehcRUxAkAdVt
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
4RB7MVQ7C6W057N4
age
1139074
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.web.bd643d6f240ee6667122.js?http3=true
fastly-restarts
1
x-amz-id-2
WFrhSECwZYcnwRqOJieQ6Q9L/GHUYOlNEk74SiAHWvRRwPV9dAlGVhwr4c6u1xhyKDgXUPFZI1I=
x-served-by
cache-lga21975-LGA
content-length
20776
last-modified
Fri, 01 Dec 2023 08:55:47 GMT
server
AmazonS3
x-timer
S1702560170.424144,VS0,VE0
etag
"18932e4635351074ecbb0a6fdf39b7ef"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
168
index.web.3009c2e00d416213779f.js
assets.guim.co.uk/assets/ 		0
45 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Q8mzww8onwr6oh_a2o.8av2rGxkr2zNw
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PD99T91HHQKWBXAW
age
6050
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/index.web.3009c2e00d416213779f.js?http3=true
fastly-restarts
1
x-amz-id-2
gbaDkkOnIf5xl7ESeWMmn88ajA7lYxRiOaSXYNHe48x005UkfC4l6SpTnQPLQBSB/xNQ4uSgurk=
x-served-by
cache-lga21975-LGA
content-length
45479
last-modified
Thu, 14 Dec 2023 11:40:44 GMT
server
AmazonS3
x-timer
S1702560170.450310,VS0,VE0
etag
"c95960e26ba0ad497b3c6265c58e9fdb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
94
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/ 		0
80 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
WfkhODi3Jiuk8oMeReUsXlyCZKAFapJK
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
FXMK1C7SRQ76CP8E
age
24289
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
fastly-restarts
1
x-amz-id-2
M6S9KNm6xhdmapHhBFPFXVEFvibNMm8k44CU+DyZVhFFjSATg4via+3Ms4cCWLqzPUcH/X3ahd4=
x-served-by
cache-lga21975-LGA
content-length
81137
last-modified
Wed, 13 Dec 2023 12:11:20 GMT
server
AmazonS3
x-timer
S1702560170.450308,VS0,VE0
etag
"824759c06ea190e00e2df13d28ee81da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
162
GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
V3FCP5JPXPC5YK9N
age
26515332
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
c+BTW3ixwDqeLE99HzLAb9LpCQOviFbAS7l1Ea9kQ+xXAmezbIQVF287spfFRE8hCbE4A4iaeh8nmyDRwWTjLA==
x-served-by
cache-lga21950-LGA
content-length
16492
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.432437,VS0,VE0
etag
"f5d54732577509c40f5a5a47f47aeab5"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
29405
GuardianTextEgyptian-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
NppmnaNT0.flIJWpyurLSQmcrEPnbJ4q
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
9AZEK12EM0M57V0D
age
26515316
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
fastly-restarts
1
x-amz-id-2
S8odBUwPMKHHxFgWO2tW/TnO57FCxFcfzFNGGBezc9Ts4mhLP+edXXjKkbUPr/NJ+pggMhi8tV4=
x-served-by
cache-lga21950-LGA
content-length
16792
last-modified
Fri, 10 Feb 2023 15:45:04 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.432650,VS0,VE0
etag
"66184690aa8f829b88f8d7b855ec63fd"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
27917
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		165 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
age
1403678
detected-user-agent
Chrome/120.0.0
x-cache
HIT
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
154
x-served-by
cache-lga21975-LGA
referrer-policy
origin-when-cross-origin
x-timer
S1702560170.449958,VS0,VE50
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
frameworks.web.bd643d6f240ee6667122.js
assets.guim.co.uk/assets/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.web.bd643d6f240ee6667122.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7464e05d697159cf7654efffc31a1c5ef2f50a1ab8151ab8812249b7d2ac810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
_dUbR7wAuDJIL04T64PSehcRUxAkAdVt
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
4RB7MVQ7C6W057N4
age
1139074
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.web.bd643d6f240ee6667122.js?http3=true
fastly-restarts
1
x-amz-id-2
WFrhSECwZYcnwRqOJieQ6Q9L/GHUYOlNEk74SiAHWvRRwPV9dAlGVhwr4c6u1xhyKDgXUPFZI1I=
x-served-by
cache-lga21950-LGA
content-length
20776
last-modified
Fri, 01 Dec 2023 08:55:47 GMT
server
AmazonS3
x-timer
S1702560170.432473,VS0,VE0
etag
"18932e4635351074ecbb0a6fdf39b7ef"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
861
index.web.3009c2e00d416213779f.js
assets.guim.co.uk/assets/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b251135217e82004055c8d38fbd0cf9c378d25fa3e5d4549c26d666abfc1f3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Q8mzww8onwr6oh_a2o.8av2rGxkr2zNw
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PD99T91HHQKWBXAW
age
6050
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/index.web.3009c2e00d416213779f.js?http3=true
fastly-restarts
1
x-amz-id-2
gbaDkkOnIf5xl7ESeWMmn88ajA7lYxRiOaSXYNHe48x005UkfC4l6SpTnQPLQBSB/xNQ4uSgurk=
x-served-by
cache-lga21950-LGA
content-length
45479
last-modified
Thu, 14 Dec 2023 11:40:44 GMT
server
AmazonS3
x-timer
S1702560170.432478,VS0,VE0
etag
"c95960e26ba0ad497b3c6265c58e9fdb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
113
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/ 		259 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bde26e24f51f1a3d2089bce22539ef56f3ef561cef93dce4a0ebd09bd180cf89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
WfkhODi3Jiuk8oMeReUsXlyCZKAFapJK
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
FXMK1C7SRQ76CP8E
age
24289
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
fastly-restarts
1
x-amz-id-2
M6S9KNm6xhdmapHhBFPFXVEFvibNMm8k44CU+DyZVhFFjSATg4via+3Ms4cCWLqzPUcH/X3ahd4=
x-served-by
cache-lga21975-LGA
content-length
81137
last-modified
Wed, 13 Dec 2023 12:11:20 GMT
server
AmazonS3
x-timer
S1702560170.449924,VS0,VE0
etag
"824759c06ea190e00e2df13d28ee81da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
161
3651.jpg
i.guim.co.uk/img/media/7502ca33e3e28c5c35f8b2fc1cc7b97d0342f0ba/74_0_3651_2191/master/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/7502ca33e3e28c5c35f8b2fc1cc7b97d0342f0ba/74_0_3651_2191/master/3651.jpg?width=620&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b34f152be9116ba656be742c0e08a70f30f81b189bf5d57dfb56b5878430597

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west2
age
845020
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
fastly-io-info
ifsz=3788229 idim=3651x2191 ifmt=jpeg ofsz=36794 odim=620x372 ofmt=avif
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
36794
x-served-by
cache-lcy-eglc8600045-LCY, cache-lga21975-LGA
server
AmazonS3
x-timer
S1702560170.426945,VS0,VE90
etag
"v56VD+n0JIDs/9X+SHgo93Wa1bERXHq4Pd4H7CS+kAY"
x-amz-meta-bounds-height
2191
x-amz-meta-bounds-width
3651
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
74
x-cache-hits
5, 0
print.css
assets.guim.co.uk/static/frontend/css/ 		81 B
393 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/css/print.css
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
nnIZ0YkQeT_rWOV2mdVJsrN0Wwayynw7
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
VZC29ANBG04Q1K54
age
35450285
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/css/print.css
fastly-restarts
1
x-amz-id-2
xFiUy3XzaIB+XBw6DxqLaXIB8ERqnCKOLnfwzN4wpXAbRVg8Ws7AotS/QQQwjzps8Nv3u/Jz05I=
x-served-by
cache-lga21975-LGA
content-length
91
last-modified
Fri, 28 Oct 2022 14:19:58 GMT
server
AmazonS3
x-timer
S1702560170.450330,VS0,VE0
etag
"db34472656eebc5c36590124014292c0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
134
GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
H7ZXoJ3UPrU2mK95OUN9GEv7jX.WcVA2
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
XJ1PRES9YW8PYVCF
age
3220939
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
fastly-restarts
1
x-amz-id-2
Kcwfk5hcj7XyHaJojod1PyGdBA4AZgHR5DcCsup3cr4UKRXEuoc+RmzLfQkOhrRn4eIdX/EcFz8=
x-served-by
cache-lga21950-LGA
content-length
15416
last-modified
Thu, 21 Sep 2023 11:38:37 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.478201,VS0,VE0
etag
"5c9af23772b65de0d3f1fb8638c196b4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
28799
GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vMLWfn.7StuSfsynGEUaLz8In6XXa2FW
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
JEF4P602EMGK8JS1
age
13055402
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
+vPPrjyeSu+7k3MJgRqtXZvVUrb8c0Tqsu6xv+Vzra7J3CWUp/NfYcTNsT2VrcFCzWb29bhTjFM=
x-served-by
cache-lga21950-LGA
content-length
17376
last-modified
Wed, 28 Jun 2023 10:06:42 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.478168,VS0,VE0
etag
"227b6e4f26bef19d8f2815f6097b7b7c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
28885
GHGuardianHeadline-Light.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
m5kMwIEpCdssHot4vW0DCg7LJSE.LOo9
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
XVQQ4VKM171PZDSE
age
5020198
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
fastly-restarts
1
x-amz-id-2
HFCAEmTGRbzjqH5idY49NIxATV8+Um4elNxBWIonkD822jq77wf94HXfD9KYzcRUJDhmQiyre0I=
x-served-by
cache-lga21950-LGA
content-length
15764
last-modified
Thu, 21 Sep 2023 11:38:35 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.478154,VS0,VE0
etag
"5acde69d26abfad0f3ef938733057577"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
22720
GHGuardianHeadline-MediumItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
aOcyf0Rw_c_KHyqgDfMRZ62nHs_3ToNn
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
91ZRKZNY45TPKDMC
age
26515322
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
fastly-restarts
1
x-amz-id-2
IM17vpP47RXa1lgpABY7iEXhXMf3MoJ2UcWZPTqsoMNJJa+hAkKpzkcNVe7H4EHsW9fMvnqZpuM=
x-served-by
cache-lga21950-LGA
content-length
19052
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.478123,VS0,VE0
etag
"f1117595ec5a2cf9f3a9834f42e5fd08"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
25428
GuardianTextEgyptian-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1bf42c2df6fa95e0806bccd64191d78325514d758c455c0d959913a25d6a101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
xekHq02YcWRvptVrpkeT6X.H6lxNoYVW
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
Q2JAZM5SK6RJR1DQ
age
26515368
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
E+VvVmsrZ/vXUAmShpGL8eYiWjcjmjl/Mz16zEihxPECC08cZrZhp2Q4vYkLwNNR1zTtO8Q4oc0=
x-served-by
cache-lga21950-LGA
content-length
17044
last-modified
Fri, 10 Feb 2023 15:45:03 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1702560170.478103,VS0,VE0
etag
"84fb7a78f703a6bea30d38248d76114e"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
21229
5660.jpg
i.guim.co.uk/img/media/6fd833b8a7b42b12b0ae547109d4565727cad2f4/0_0_5660_3896/master/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/6fd833b8a7b42b12b0ae547109d4565727cad2f4/0_0_5660_3896/master/5660.jpg?width=620&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc2aa378b67ab3bbc6a2529836c990747f5b3eac4114cdc2d32456ab1cdaff6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img02-europe-west2
age
267573
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=7035064 idim=5660x3896 ifmt=jpeg ofsz=37816 odim=620x427 ofmt=avif
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
37816
x-served-by
cache-lcy-eglc8600041-LCY, cache-lga21975-LGA
server
AmazonS3
x-timer
S1702560171.501141,VS0,VE2
etag
"j9mEfLuRkHBYvYQtw5ji5iegLxYTrtBBFHWRDFox3+Y"
x-amz-meta-bounds-height
3896
x-amz-meta-bounds-width
5660
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
71, 1
1321.jpg
i.guim.co.uk/img/media/4b928bccf8fa84dbba4ba15091c4f564077718cc/0_38_1321_793/master/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/4b928bccf8fa84dbba4ba15091c4f564077718cc/0_38_1321_793/master/1321.jpg?width=620&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cca67a2e1a9dc8165eaabe9a6aa873d90ecf2423ba7cfba6ff86ba0ea01a7f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img05-europe-west2
age
845019
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=393219 idim=1321x793 ifmt=jpeg ofsz=29787 odim=620x372 ofmt=avif
fastly-stats
io=1
x-amz-meta-bounds-y
38
content-length
29787
x-served-by
cache-lcy-eglc8600021-LCY, cache-lga21975-LGA
server
AmazonS3
x-timer
S1702560171.501245,VS0,VE1
etag
"hexrPinQkg70tgissB80H97CfDKUFHmtj14F0atohGk"
x-amz-meta-bounds-height
793
x-amz-meta-bounds-width
1321
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
123, 1
1659.web.1f70a3e54e71efe01ee2.js
assets.guim.co.uk/assets/ 		839 B
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/1659.web.1f70a3e54e71efe01ee2.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7df2a80425f1f1fcbfcfa5f127fe17c548a8fbdc079bcdadcae97f1840b44463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
TXAGwUZy45EwGthWFRS3oEXYltf3yXR0
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
DR3RE180B0WFYH30
age
4752286
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/1659.web.1f70a3e54e71efe01ee2.js
fastly-restarts
1
x-amz-id-2
ztxqkIZaP5nCF0sIF9+F8F78m7ARAsyr4hSX2HwyNy0LEr3K7XSHdYcUIRq/QSVMlz5xIeYTvMU=
x-served-by
cache-lga21975-LGA
content-length
518
last-modified
Fri, 20 Oct 2023 13:15:17 GMT
server
AmazonS3
x-timer
S1702560171.530255,VS0,VE0
etag
"278a9b57f3fc83ee8205fdc3c1a1849a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
140
480.web.c06e7950b689def5ec3d.js
assets.guim.co.uk/assets/ 		843 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/480.web.c06e7950b689def5ec3d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a9e922e1bd8eaf0540e82944501086d2a843c5b52b42a83d15f28f10dacc561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
7c7XO.4umQPhCFoQb.AFf8Qa8dwr36qs
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
KQG7PJYHE5H352PE
age
4752339
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/480.web.c06e7950b689def5ec3d.js
fastly-restarts
1
x-amz-id-2
k3/fk9yGKUb4FZKldRh35jK5JHgTwf8bcbL5GNlXmY+BCedi/VzBa6A2MA3JXqawjLrs3rZcZ6M=
x-served-by
cache-lga21975-LGA
content-length
524
last-modified
Fri, 20 Oct 2023 13:15:25 GMT
server
AmazonS3
x-timer
S1702560171.530498,VS0,VE0
etag
"fb830fe42565d5dccd68ffab0653e52f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
132
9422.web.3cecc01f38dd7790ccd1.js
assets.guim.co.uk/assets/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/9422.web.3cecc01f38dd7790ccd1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a3d1aa57f151a682618cb698ae2ec646edbe2b3c6c1bdaafaa4d58272156bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
2ERAm0UhN6AdBt01gvGrDXKj8xRKFdsh
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
KQGEQ8NDEXHJ9NTE
age
4752339
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/9422.web.3cecc01f38dd7790ccd1.js
fastly-restarts
1
x-amz-id-2
jTUmq1GELqem+2B9T9rtpDaVPi0BLwIPfYcuc3YegzfU6ksm4lQaRYiM+N3y3EEKy3Cd6mCE4xI=
x-served-by
cache-lga21975-LGA
content-length
614
last-modified
Fri, 20 Oct 2023 13:15:35 GMT
server
AmazonS3
x-timer
S1702560171.531006,VS0,VE0
etag
"8cefbd21cadb2552c97445b5117319b0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
132
4591.web.75f044ffc3d11f2dbded.js
assets.guim.co.uk/assets/ 		558 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4591.web.75f044ffc3d11f2dbded.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bb30804fbe6f0483929507387bfa0bd67e4dcd4d1d38ae70db6e66991910d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
29GnOwgxxrGeKX8h4iLuojHeEaT8q93D
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
JYQAM0078DSM753T
age
3125742
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/4591.web.75f044ffc3d11f2dbded.js
fastly-restarts
1
x-amz-id-2
cIyXJ72WQNjrPtwoNPMHazDKIW4nyieLFtd8of2t8lpuMQHHwKRWoOafv9Bbml0eZp0TZpuTZuI=
x-served-by
cache-lga21975-LGA
content-length
404
last-modified
Tue, 07 Nov 2023 14:35:26 GMT
server
AmazonS3
x-timer
S1702560171.531277,VS0,VE0
etag
"65a41e32931b294e87acd412f5a18b66"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
136
Metrics-importable.web.5282ca8be218bd06ad7d.js
assets.guim.co.uk/assets/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/Metrics-importable.web.5282ca8be218bd06ad7d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e037c0d2b4a5ae363995ac86729f974124be40ef386cd9d1cebe4039d2f7c001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Qd7JjUHuVezWSO_1vbtGJnCZSCeF4nfr
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
0PVPMX5JRT406NPH
age
1217662
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/Metrics-importable.web.5282ca8be218bd06ad7d.js
fastly-restarts
1
x-amz-id-2
5x0exPjH5cFNFiwrCh+wIJPI1Sa1FXmikkJewhYPSzRC9sYZX7/8zOy2RS3hQ/czlssnwAWuUqs=
x-served-by
cache-lga21975-LGA
content-length
2289
last-modified
Thu, 30 Nov 2023 11:06:09 GMT
server
AmazonS3
x-timer
S1702560171.544872,VS0,VE0
etag
"dcf2ed737ebec1073ea0651062f15156"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
138
SetABTests-importable.web.3879c16c4af6c06f5d2a.js
assets.guim.co.uk/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetABTests-importable.web.3879c16c4af6c06f5d2a.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7908214744d9ef01fb759b237b4e476d07bc96cc596bf317eeb9adb0e004468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kdj5QldVlhTHlXFj5qejVYTg7va7AIB3
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
SYA8RE3GC57QCF40
age
91981
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SetABTests-importable.web.3879c16c4af6c06f5d2a.js
fastly-restarts
1
x-amz-id-2
ZjkDmEzk5JaMS+2VZiicf8VoQ3Ixnis3aMagehlFhWqEH30HXb+dQvS30n9UwpUVpoZ0l2jz2KY=
x-served-by
cache-lga21975-LGA
content-length
3576
last-modified
Wed, 13 Dec 2023 11:47:51 GMT
server
AmazonS3
x-timer
S1702560171.544874,VS0,VE0
etag
"84b4b8b0df8917451bf6fae7e5d592a1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
158
SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
assets.guim.co.uk/assets/ 		731 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2d034f935f7a855ef11c1eb539c155aeb31a7fa59932aec205c9e5f7564d26b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
P0JpPO1FptjpeabRYC3VhwVllJ1MnChr
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
56G2HNYB657YJAXW
age
3292899
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
fastly-restarts
1
x-amz-id-2
Qf2c/jb8vEm1kzEhvzwtWK31pb5eQAuVBSglKQk7LM4pfjsrwZWgCtAUqooQYh3hdJKBzPyuqLg=
x-served-by
cache-lga21975-LGA
content-length
481
last-modified
Mon, 06 Nov 2023 10:38:07 GMT
server
AmazonS3
x-timer
S1702560171.545262,VS0,VE0
etag
"f69c7585b251d4a9280ec36fdaef0b0d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
133
489.web.47313f08e1f54acf8231.js
assets.guim.co.uk/assets/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/489.web.47313f08e1f54acf8231.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8e5f40d76ef90cdbb820a45b56cd9d2ac7a89882d2d762d33c200ad7484db01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
AYbdUXSvUkZUL0RpBmaisnjmvT0wkIti
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
7M8AXH0S9MVWPZFZ
age
5945
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/489.web.47313f08e1f54acf8231.js
fastly-restarts
1
x-amz-id-2
9s1nhvAywCzH6W4RxAoE+mdd2Df4xvMWlqInBtrBr4IAKzSG+Io0y3BrCpcIQ6elDqkO7KK75L8=
x-served-by
cache-lga21975-LGA
content-length
5217
last-modified
Thu, 14 Dec 2023 11:40:38 GMT
server
AmazonS3
x-timer
S1702560171.545255,VS0,VE0
etag
"5c1e837f33c0513062299dfecd4bdd66"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
73
HeaderTopBar-importable.web.ccfdc1360c60d220ff52.js
assets.guim.co.uk/assets/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/HeaderTopBar-importable.web.ccfdc1360c60d220ff52.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f2c590c5d4dee64206111a72cf45255c24b82e2de4e85518a723e4607562464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
zOmetbf5flyEwj8kT8v152aRMbDy_9L8
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
D75T2N0G5S2GJZGW
age
182022
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/HeaderTopBar-importable.web.ccfdc1360c60d220ff52.js
fastly-restarts
1
x-amz-id-2
A+Ks4LsbIzDryPLw4KZQHhs7NZMTIegU/FiL96nFBg/ffvb5PczoRtfaghP1T8vMJAyH5W0lG0E=
x-served-by
cache-lga21975-LGA
content-length
10833
last-modified
Tue, 12 Dec 2023 10:47:36 GMT
server
AmazonS3
x-timer
S1702560171.545234,VS0,VE0
etag
"5b319c5e112416831003088ef0396fdd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
146
1
ophan.theguardian.com/img/ 		0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/1?v=17&platform=next-gen&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&ref=&visibilityState=visible&tz=600&navigationType=navigate&contentType=article&viewId=lq58d77p9gvrwazgilbz
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&inPrivateBrowsingMode=false
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
wrapperMessagingWithoutDetection.js
sourcepoint.theguardian.com/unified/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 93d4768fcd6983151de614ccc8b5605e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
336
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-lga21975-LGA
last-modified
Thu, 02 Nov 2023 15:08:07 GMT
server
AmazonS3
x-timer
S1702560171.572290,VS0,VE1
etag
W/"74fa9eeecc0f7ce308ddca60b7ef2b93"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
izJR2ueiIqz_RtGxLZww_SwHuEI0IDxTpYngOShLfIU--8oHZvqrBw==
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&edition=US
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&abTestRegister=%7B%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&experiences=dotcom-rendering
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
ccpa.b154ec02644cd990c80b.bundle.js
sourcepoint.theguardian.com/unified/4.13.4/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/4.13.4/ccpa.b154ec02644cd990c80b.bundle.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90738bd6a083bb0bb11633a2bf01ddf303e3f727c65292564e57482f22156587
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 93d4768fcd6983151de614ccc8b5605e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
3622453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-lga21975-LGA
last-modified
Wed, 18 Oct 2023 19:09:03 GMT
server
AmazonS3
x-timer
S1702560171.621425,VS0,VE2
etag
W/"77e3e266e4f094462ddad55cf561b5bb"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IaczU10ZYWtr_kGuNH8unT4AuqHe43mLf1NP_BCz7kkFg5dbahcn3w==
x-cache-hits
0
get_site_data
sourcepoint.theguardian.com/mms/v2/ 		207 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&account_id=1257
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 f5386598f013dd093e17be33d361f408.cloudfront.net (CloudFront), 1.1 varnish
x-sp-mms-node
ip-10-128-22-248
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.622088,VS0,VE15
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
4gQt3pFIJbxY6v5jpIqTuBn2MbaJA6Whh_BSe9d0Pc35Zf2NzgH49A==
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&abTestRegister=%7B%22SignInGateMainVariant%22%3A%7B%22variantName%22%3A%22main-variant-5%22%2C%22complete%22%3Afalse%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
meta-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
19326
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
rcIVErHlZe2q0FDq-z9rM2TTLJVbDiQoJMeim9Xq6gyL_Ceilk5dXA==
x-amz-cf-pop
JFK52-P4
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.642802,VS0,VE2
meta-data
sourcepoint.theguardian.com/wrapper/v2/ 		73 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
3024
x-powered-by
Express
x-cache
Hit from cloudfront, MISS
content-length
73
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.655787,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
gz0R6g7z6J3LU0NfOVXzzbmN6aQDnWD8lXsNlnWO4Ieyqdf0QGmHeQ==
x-cache-hits
0
FocusStyles-importable.web.494ac61b529def96eb8c.js
assets.guim.co.uk/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/FocusStyles-importable.web.494ac61b529def96eb8c.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62b838a3e0936f72d25e0ba795bbe56fec047bacf36798562f2d5b2dc56520cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
pCVw2rdw.VHRiYVIfKpyo0TYyeBj7FRj
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
FXMP31696EDXFS1E
age
24289
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/FocusStyles-importable.web.494ac61b529def96eb8c.js
fastly-restarts
1
x-amz-id-2
1nNrqq5BVboxw64zugL9ZGoSQQQbj5gBnQ/SA9ro4/01++tdyH6MYuDaGAzo2Jufc6kdOBdv5Cg=
x-served-by
cache-lga21975-LGA
content-length
607
last-modified
Wed, 13 Dec 2023 17:37:47 GMT
server
AmazonS3
x-timer
S1702560171.643702,VS0,VE0
etag
"d987baa0cd3dc53340e22651e6055f9c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
133
AlreadyVisited-importable.web.a96f92faf081d6d26494.js
assets.guim.co.uk/assets/ 		610 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/AlreadyVisited-importable.web.a96f92faf081d6d26494.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
728b35f39180730c1c8f410a062daa8cb6af8f1f0b895011d4bf75ab54c6971c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ALFwozk0mL9_F0UidLy5w_89_uvgUnMp
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
6S35TD9BGD7E5KV5
age
89846
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/AlreadyVisited-importable.web.a96f92faf081d6d26494.js
fastly-restarts
1
x-amz-id-2
pSTlXGuhK8LenfzgwqtWodLF5jF1gKpcPOrRYDmSzYRqqsDjqOq0db2MI7LFzqgvhrRpRR+iYts=
x-served-by
cache-lga21975-LGA
content-length
420
last-modified
Wed, 13 Dec 2023 12:22:26 GMT
server
AmazonS3
x-timer
S1702560171.644139,VS0,VE0
etag
"b04eb49216ddb28af739b65e08bf94eb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
160
BrazeMessaging-importable.web.43684fb94119cac0caf1.js
assets.guim.co.uk/assets/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/BrazeMessaging-importable.web.43684fb94119cac0caf1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
078b04768681dc7671533ab48a20524ec50df22101170289c91e64cdceb2d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GYExSCRrT79_G6sjF6sJ6SuGO7qsmRbx
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
XWTT93AQNWDZ542V
age
5967
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/BrazeMessaging-importable.web.43684fb94119cac0caf1.js
fastly-restarts
1
x-amz-id-2
2gPvBZ20rCyCpiDgNPDeNm2jg9bM/01oXGHoI17BDXsc5zRi0ct/H/9EGG9qwoq9AnIbd5O0ui4=
x-served-by
cache-lga21975-LGA
content-length
5277
last-modified
Thu, 14 Dec 2023 11:40:51 GMT
server
AmazonS3
x-timer
S1702560171.644399,VS0,VE0
etag
"05c7f428891f3f7d43fc395911c2c63c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
79
ReaderRevenueDev-importable.web.aca5026dcba358432f52.js
assets.guim.co.uk/assets/ 		778 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/ReaderRevenueDev-importable.web.aca5026dcba358432f52.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81dd351bcd437894cb1d90c09e1d986df5e41e3d0003aa62fbf8d822be580809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
nmLrDFehNKSGMZEmg.D.HYpKZFlENC1t
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
DSH48AHMWWX7FGX8
age
2331398
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/ReaderRevenueDev-importable.web.aca5026dcba358432f52.js
fastly-restarts
1
x-amz-id-2
SmmBMoFzjqyLsYd+0iLPmAaDeeDaeaxWM/D7zsqT46KokbO6Di20v5r8YrgEiqEccRPEOQqX9Oo=
x-served-by
cache-lga21975-LGA
content-length
466
last-modified
Fri, 17 Nov 2023 13:44:29 GMT
server
AmazonS3
x-timer
S1702560171.645059,VS0,VE0
etag
"195557a0054e67b9cbd75b35812cc163"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
137
2848.web.026dfd259cc535fbd07d.js
assets.guim.co.uk/assets/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/2848.web.026dfd259cc535fbd07d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbed55709808bd73561495adc0c1dc3bfec733542a5e657ec54f4ca9eab3006c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IBNtTMpATDl2lgl3cbyAuYWd1P_Wp0DL
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
BTVFVWPB1W33QR6K
age
1467082
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/2848.web.026dfd259cc535fbd07d.js
fastly-restarts
1
x-amz-id-2
KtlxtZJ3XHNSxR8HJlyuZ+rZrpoJLwQjLEFvdqOZc8j8EilRaF26t5MOISC1XlbfiiZBn/+KgOU=
x-served-by
cache-lga21975-LGA
content-length
16256
last-modified
Mon, 27 Nov 2023 13:49:22 GMT
server
AmazonS3
x-timer
S1702560171.645664,VS0,VE0
etag
"2984af7a57b4ddb6bf86c967be96a3c5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
141
SupportTheG-importable.web.c02786fd6c581cc5af59.js
assets.guim.co.uk/assets/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SupportTheG-importable.web.c02786fd6c581cc5af59.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b57980a63fed50b368d20b35293283fce3a923a8fa07bbf6fd0abe695caf04de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
NfoMG8wL034waFhxg52bWHVlp8bUCmnP
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
SQN5ZVHG4JST6SVE
age
517779
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SupportTheG-importable.web.c02786fd6c581cc5af59.js
fastly-restarts
1
x-amz-id-2
g34BXurkO411O1eK3kzwoMLg5Xny7RAGA1i9J5GSyVqb7oar+jgDLUg0MfrDxiPZSj+FE8OBd3Q=
x-served-by
cache-lga21975-LGA
content-length
6349
last-modified
Fri, 08 Dec 2023 13:30:20 GMT
server
AmazonS3
x-timer
S1702560171.645852,VS0,VE0
etag
"2654a59194d951afd8b5b0b09d28fe15"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
139
SubNav-importable.web.8daa2f7fa76ebfc260fd.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SubNav-importable.web.8daa2f7fa76ebfc260fd.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c40beb66956bca7971b24932b50613283275d01305d760808d2b2e1729483f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
6VSzGHqn75XdLlJWE4lmuANIxXm5gASr
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
JCBCBKE8EVX3M5V5
age
1467073
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SubNav-importable.web.8daa2f7fa76ebfc260fd.js
fastly-restarts
1
x-amz-id-2
BTS3QAa9escBbfy1gHokMQW51c3/nvbej1WFXsFmE3TgFz5djZx4iucZDOdkiqWNc4U4+ay/CPY=
x-served-by
cache-lga21975-LGA
content-length
2360
last-modified
Mon, 27 Nov 2023 13:49:29 GMT
server
AmazonS3
x-timer
S1702560171.646140,VS0,VE0
etag
"69b51e7208decbc34dfc5511f7119559"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
131
8414.web.44220c69396e35d884c8.js
assets.guim.co.uk/assets/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/8414.web.44220c69396e35d884c8.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
feed015ad376d0af8833220b9a92c88331c067186e11b1db29fc3f6894a234cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
3I2QO5m4iGrNwJ85tLXetImxKqgVZg2J
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
FXMY9VW29KSC66M8
age
24289
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/8414.web.44220c69396e35d884c8.js
fastly-restarts
1
x-amz-id-2
XwDXI561Cf3ZuuourodNh1ecaDrT5fNJ/FYm2tyU5CYY13O17H8g+MEBKgynY94Z6azBw792p+0=
x-served-by
cache-lga21975-LGA
content-length
4963
last-modified
Wed, 13 Dec 2023 17:38:03 GMT
server
AmazonS3
x-timer
S1702560171.655075,VS0,VE0
etag
"875418a879ffae2de7918cb7edfd3b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
147
9812.web.45b5b5789d81c61454c8.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/9812.web.45b5b5789d81c61454c8.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a52730d26ed6560263b6cec4cef999ca09b673532a82bc73793e20d3ad1e642f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8Eh6KA0cnYWfeYLKOp04H_dqV5v8m.9v
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PJT5AQSY2J0R2XNM
age
91989
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/9812.web.45b5b5789d81c61454c8.js
fastly-restarts
1
x-amz-id-2
qIjah/1iWuecvlzPORYDHvCy6LrCoh0Oiji7U6wwFwzxK4jIRj50N24Qnyf78wflJDOKAac0ezQ=
x-served-by
cache-lga21975-LGA
content-length
2744
last-modified
Wed, 13 Dec 2023 11:47:50 GMT
server
AmazonS3
x-timer
S1702560171.655729,VS0,VE0
etag
"08fc551d9b38e90e26eefbdb2f421365"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
160
StickyBottomBanner-importable.web.b54bcc8a34a51ab099b2.js
assets.guim.co.uk/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/StickyBottomBanner-importable.web.b54bcc8a34a51ab099b2.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92b964d79a888f7546c1481db3bacdc0f67ecaf0abf87719f2bf150fda937a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BulPELQ4ug3BneOrzZOGuQ6KQ3p51YvY
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
ME20B41N7QQYS5ZX
age
91926
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/StickyBottomBanner-importable.web.b54bcc8a34a51ab099b2.js
fastly-restarts
1
x-amz-id-2
ZMwBk6gyx52A4vKAGgScSixJb8+eTOS0UnxiyLjm+cRYpdgjSn5IpWVMOAvKEopRYBClehAnBOI=
x-served-by
cache-lga21975-LGA
content-length
3683
last-modified
Wed, 13 Dec 2023 11:47:54 GMT
server
AmazonS3
x-timer
S1702560171.655713,VS0,VE0
etag
"d72edde0692d2cae403fc0217e27812c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
171
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&attentionMs=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
messages
sourcepoint.theguardian.com/wrapper/v2/ 		20 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
4ee6778a3a28827f92e64a5658fbc6ff6eb7bf8c1b8db54cfc7c90d3e67d610a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.714513,VS0,VE29
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
2yXB2Bd_QPKXD87Y-_WK1KgnbxqZyHtGlEqWwxohK0UgpGUP4jZe_Q==
x-cache-hits
0
messages
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
3KprUYd_cvqk6evjXY9hbPJNfpwYi2f4PRctSPeLY5hr7okFHv3i2Q==
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.694168,VS0,VE14
header
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:50 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.711686,VS0,VE84
header
contributions.guardianapis.com/ 		989 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
c4e602e23c2b970b4e8f0779be73bb7e3090b9cdca503496a6208f8e9b8a7d98

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-lga21950-LGA
date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 varnish
x-timer
S1702560171.811306,VS0,VE87
x-powered-by
Express
etag
W/"3dd-7MX6IqNVtBqWm4W2uq2G0mRsPv4"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
content-length
989
x-cache-hits
0
pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.theguardian.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
znJkafPwumNQMookDWN1PHwMaHQdKzWv80IPNgleXwBXOpz60ZZMYA==
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.804429,VS0,VE10
banner
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:50 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.805668,VS0,VE87
pv-data
sourcepoint.theguardian.com/wrapper/v2/ 		190 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
b17413ddcc6c581ad591d8b6c8f80d05af6d7be74c7230a1397a9dff66fa91c6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 28fca7284ad6e07382ad05b79a20cd6a.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
content-length
190
x-served-by
cache-lga21950-LGA
x-timer
S1702560171.823746,VS0,VE14
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
z-hgPGYmSyNhzggcJYj7LUl8qLPNvM4TaUoquI7pIfkpGrV9ABVF8A==
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 12:52:28 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1822
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 14 Dec 2023 14:52:28 GMT
config.js
cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/ 		442 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06ea009bf34e09ef04a1544433e342ad5217dd69fc8a3e4ec97d46cc66ad0e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Dec 2023 13:17:10 GMT
server
cloudflare
x-amz-request-id
92X025F35CYK42AT
age
261
etag
W/"582e5b2c05301b6d9ea8868481fd9add"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8356c20ba8c218ae-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gaeY3n5Y2kX7IJcT+O+L2eLEoBPt1N82DNA8dmL4oAiYquKyB0Zv9K6WwxrDLiB01xDYRwsXUv4=
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22CONSENT%22%2C%22products%22%3A%5B%5D%2C%22labels%22%3A%5B%2201%3ACCPA%22%2C%2204%3A%22%2C%2205%3Afalse%22%5D%7D%2C%22action%22%3A%22MANAGE_CONSENT%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&consentJurisdiction=CCPA&consentUUID=&consent=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
graun.Prebid.js.commercial.js
assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/ 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
732693f538e4d28b2bc0b7d7bff40f84effaec15b151a40393bc376e673e1298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
oNrX8_.USNMR7N9XDXzknBZXD.OwY7An
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
CNJ8EV0MG7QRX22M
age
686149
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
fastly-restarts
1
x-amz-id-2
HeSnRU7ZMkCgITYltChCwvLaukzrBO56gIvAE4rMD37g7DVlRxffBevn8n6QErXRTaHxOaRrsxQ=
x-served-by
cache-lga21975-LGA
content-length
126618
last-modified
Wed, 06 Dec 2023 14:44:17 GMT
server
AmazonS3
x-timer
S1702560171.801258,VS0,VE0
etag
"d1883e2ffd9035ca50a3310d195bc4e7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
114
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.1.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-1-135.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:51:35 GMT
content-encoding
gzip
via
1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 72620161c44640062c801bfda3ae46f2.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-P2
age
1876
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
M2wzDkvsze59R5wLHI0TWFdk-THZnDKfPoNZ5mI95jFJXYmzwuiJhA==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Server
3.162.3.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-51.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:31:19 GMT
content-encoding
gzip
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
24767
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
DV8pnulQgnBSPTWGdI-5b6q3G3Erch9XoYq4Ja82SPpezB71DIM1zA==

Redirect headers

date
Thu, 14 Dec 2023 13:22:50 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
d763L7f8gEMKRa6dV4zcrBUCwCiho1y2t4aEmBIJI73dLr7kom5P9Q==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
9VKTNVPFV7W344D7
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
0wZeppYlnjKqRsx9T5yGA2OLeKEc6MNURztf3PB6sv7LZYZ3Lwx+FCSv336V4tvRlVCXNNzTImk=
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200149-IAD
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
822feca014bdfbe94094d5ca6918b7e85a60a44dab70daab5122549183e348b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29210
x-xss-protection
0
server
cafe
etag
41 / 19705 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:22:50 GMT
banner
contributions.guardianapis.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d6bcf8b4c72d4fb003cced12195d76155617d6ba5670a34976463dd713f10d83

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-lga21950-LGA
date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 varnish
x-timer
S1702560171.908407,VS0,VE88
x-powered-by
Express
etag
W/"1893-BElG0XPnbZ7EfygIBIg5d7VBpr4"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
x-cache-hits
0
conversion_async.js
www.googleadservices.com/pagead/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c66cfd953713a3729fdc6bc7c851cec6c442190339cdcf3a52b8d70968d91b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16837
x-xss-protection
0
server
cafe
etag
13506662177525363732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:22:50 GMT
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
cdn.permutive.com/ 		989 KB
297 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b24551298533a8152d2db58c044f24d04ac58a526d1ad6d3f81bc3159a9cac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ABPtcPohHVkFtuQ2-yvEzQvVhwkH7iW0jY8hcUasOJGSbeG3Y-nUr0OqSQjJGwN--HfxLpVCibMfBmXK2QHN2DyQeI894Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
303299
last-modified
Thu, 14 Dec 2023 13:01:58 GMT
server
cloudflare
etag
"d1f20379bc950362732d6b621ce72f1a"
vary
Accept-Encoding
x-goog-generation
1702558918773483
content-type
application/javascript
x-goog-hash
crc32c=pet51A==, md5=0fIDebyVA2JzLWtiHOcvGg==
cache-control
public, max-age=900
x-goog-stored-content-length
303299
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8356c20beb294364-EWR
expires
Thu, 14 Dec 2023 13:37:50 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-119.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 22:07:46 GMT
Via
1.1 764453ad26f42978656c5c159a3b32ce.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-P2
Age
141305
ETag
"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
Y5VpWnSU50RSOD1zbWTTSq84DIN8EmNVNb26wNAUASyLGDkxl-l7Rw==
e96d04c832084488a841a06b49b8fb2d.js
cdn.brandmetrics.com/survey/script/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5110dab7d83f6e73ee729877678cb0f2ab8aa5bddefa4e606fb6899d8e40ae2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 14 Dec 2023 13:07:50 GMT
server
cloudflare
age
900
cf-polished
origSize=5547
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIb0rslqI%2FH23AZwdwlUekcX%2FvhvI3QvvwLRIRNWy1O5L0iAA4r%2BTFxnjnyPSJBDqWWBubC6VY57s7HDqR03Nan29rfhj0uqUNYafCSEXaUjBqh3CLf%2F7WC6b6vqHQenjvAueuHsWsu9pSZS%2F72yjiFq"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8356c20c1db54288-EWR
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
index.html
sourcepoint.theguardian.com/ Frame 06FD 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1019
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Thu, 14 Dec 2023 13:22:50 GMT
etag
W/"5bd8512ba573dfffcca16bcba94d75a2"
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 93d4768fcd6983151de614ccc8b5605e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
JdbKczcDHjATUWmyOYtIHvzORgUER23UDQc7hRG_OaPuL2hWrGy0DA==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-served-by
cache-lga21975-LGA
x-timer
S1702560171.823807,VS0,VE1
Notice.3a0d3.css
sourcepoint.theguardian.com/ Frame 06FD 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.3a0d3.css
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 f26a1d19b20e4cf5dd8998779bc5b1fc.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
3276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-lga21975-LGA
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-timer
S1702560171.892213,VS0,VE1
etag
W/"453680a5f8883be2b15dcb7878e5d351"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
1DQ_L7ZQ_7Db46JxO034TMcnr7ZPUsJ-iIkjBMLWMkEGMiT4ghOyLg==
x-cache-hits
0
polyfills.d36c5.js
sourcepoint.theguardian.com/ Frame 06FD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/polyfills.d36c5.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
1809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-lga21975-LGA
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
x-timer
S1702560171.892577,VS0,VE1
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
0ShyqwaC8ZltbxcmcQCuL1nmqqnyrAaMGzmdQeT49pPfQVXujWkgsQ==
x-cache-hits
0
Notice.cfd37.js
sourcepoint.theguardian.com/ Frame 06FD 		274 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.cfd37.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=e5e0db7f-787a-4b9e-ba7b-005c73865cfb&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
gzip
via
1.1 79c0ea1b8525955caa2a98e094ca20ec.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
3538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-lga21975-LGA
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-timer
S1702560171.892615,VS0,VE1
etag
W/"ab0bfa06558578f0cc888d8945749f5b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
zSirCU1aEi7_EB8VIdTgbJtlBW9_rbr-XaoDKccNpshAaVloJrRI0w==
x-cache-hits
0
fpc
at.teads.tv/ 		0
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_2167&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1YNN&shared_ids=&sv=471b531&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:50 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.theguardian.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 14 Dec 2023 13:22:50 GMT
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=831248132&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&ul=en-us&de=UTF-8&dt=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACACIAB~&jid=1159940756&gjid=1391188044&cid=228846279.1702560171&tid=UA-78705427-1&_gid=1048469489.1702560171&_r=1&_slc=1&cd3=theguardian.com&cd4=world&cd5=article&cd6=ukforeign&cd7=world%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&cd8=profile%2Ftom-burgis%2Cprofile%2Fpjotr-sauer&cd9=world%2Fukraine%2Cworld%2Frussia%2Cfood%2Ffood%2Cworld%2Fworld%2Cworld%2Fvladimir-putin%2Cenvironment%2Ffarming%2Cenvironment%2Fenvironment%2Cworld%2Feurope-news&cd10=tone%2Ffeatures&cd11=&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd29=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&cd30=us&cd43=dotcom-rendering&cd50=news&z=2020431319
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=2eb17ddf-b728-431c-aa6f-ff87d2a5eec0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ee0a3ec6-d62b-4729-88d4-8d5f17bea5cf&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
71
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
c5e464103e03f8a3
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
4227b218548833cb16f3f54568b222fd12c2585a5849c36780f347f1ac08bb4e
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2eb17ddf-b728-431c-aa6f-ff87d2a5eec0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ee0a3ec6-d62b-4729-88d4-8d5f17bea5cf&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
6
date
Thu, 14 Dec 2023 13:22:51 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
8c218b5112f21e4b
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
973697ecb634b999867d99b94c5f7e4f6022fa06bbe068e2c71a9bdb1bb125fc
content-length
43
adsct
t.co/i/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=1c2b63ee-089b-4a72-926c-6551101009b3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ee0a3ec6-d62b-4729-88d4-8d5f17bea5cf&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
82
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
1033b57ec3253996
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
4227b218548833cb16f3f54568b222fd12c2585a5849c36780f347f1ac08bb4e
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1c2b63ee-089b-4a72-926c-6551101009b3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ee0a3ec6-d62b-4729-88d4-8d5f17bea5cf&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
8
date
Thu, 14 Dec 2023 13:22:50 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
fdc5fc4cfa6aa53b
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
973697ecb634b999867d99b94c5f7e4f6022fa06bbe068e2c71a9bdb1bb125fc
content-length
43
3722
config.aps.amazon-adsystem.com/configs/ 		714 B
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3722
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-46.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
0939e1aa08e9178f41a836a10f5dab1f16ec260160c9a8369c03cde3e2345497

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:37:14 GMT
via
1.1 036a9c4a824b984cd31ef0e9e0ecd306.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
2737
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
714
x-amz-cf-id
KdPSQN5Kmm8UC7lbR7mZQgO5qwOYOf2DOnCPGlTfYJ6kVReXf8YYgw==
config
c.amazon-adsystem.com/cdn/prod/ 		188 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3722&u=https%3A%2F%2Fwww.theguardian.com
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.1.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-1-135.yul62.r.cloudfront.net
Software
Server /
Resource Hash
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 08:05:00 GMT
via
1.1 72620161c44640062c801bfda3ae46f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P2
age
19070
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
188
x-amz-cf-id
mh7c03dixJ0mI7WnADLdBoKWxuYGl9kqR7Li1UIC7rNnacKabS81NA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.1.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-1-135.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 07:29:33 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
21198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
88Cv_-Q5gh0uQu7NQhdViqwhsPuJNm9Wa8YpSXQ0tmwJgjUA43TKmA==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
K22022QEMH8KCBYK
age
1392575
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8356c20c898018ae-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9vLXC3FdszYxSz8P/u/GaEfP10CQr3Ui59a+mqNaQ3R7EIpHFxWctQ4/MP8V39+oALgpp5TWcdk=
Header.js
contributions.guardianapis.com/modules/v3/headers/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/modules/v3/headers/Header.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72775823b8411175a3070d86f5f034b784237eb696829a57802ebffcf43d5497

Request headers

Referer
https://assets.guim.co.uk/assets/index.web.3009c2e00d416213779f.js?http3=true
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
TVMsbZsQXmcBfIjMa66.31a_jmatyMYo
content-encoding
gzip
via
1.1 varnish
date
Thu, 14 Dec 2023 13:22:50 GMT
x-amz-request-id
FA5SA7PREAF1KZ53
age
59
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-surrogate-control
max-age=300
content-length
35051
x-amz-id-2
xqRRuezKOKT0/gVq6roI/Fy2a/oFv+CoE/rXzlcUe/gVCiyZ4Qkpe3IBCj2C6+Pqo5BKXCtfKFU=
x-served-by
cache-lga21950-LGA
last-modified
Fri, 24 Nov 2023 09:53:17 GMT
server
AmazonS3
x-timer
S1702560171.996645,VS0,VE0
etag
"50b5257c1f12f3883bd9a5e950d73378"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
249c7a199e4e8343db9c98a5cc5a2133fbd6bbd6270a250437240a9e4d745d90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 14 Dec 2023 13:07:50 GMT
server
cloudflare
age
901
cf-polished
origSize=58197
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Np8i1TCNWS2QKI2om6yD1wPUPVzKCqRPEnRH1N3vSpGeuJyKZxsLPan8h0H7IzrZV1Ucb%2FsTJZzK4339pguccz4kNHphFSd6mlbP8FRrPuoET%2FM%2F9T8xE0EgPzSljk5LOP%2FRgMwVLw84zHdCuL7NqhGV"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8356c20cbe614288-EWR
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1702560170996&ns_c=UTF-8&cs_ucfr=1&comscorekw=Ukraine%2CRussia%2CFood%2CWorld%20news%2CVladimir%20Putin%2CFar...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1702560170996&ns_c=UTF-8&cs_ucfr=1&comscorekw=Ukraine%2CRussia%2CFood%2CWorld%20news%2CVladimir%20Putin%2CFa...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1702560170996&ns_c=UTF-8&cs_ucfr=1&comscorekw=Ukraine%2CRussia%2CFood%2CWorld%20news%2CVladimir%20Putin%2CFarming%2CEnvironment%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&c8=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle%20%7C%20Ukraine%20%7C%20The%20Guardian&c9=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Server
3.162.3.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-51.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P2
x-amz-cf-id
TuOh91uq2m8xAjtrCJseEjhxdfrOhMPuv7sKxdaIo8V_hukGZJwUXA==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 14 Dec 2023 13:22:51 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1702560170996&ns_c=UTF-8&cs_ucfr=1&comscorekw=Ukraine%2CRussia%2CFood%2CWorld%20news%2CVladimir%20Putin%2CFarming%2CEnvironment%2CEurope&c7=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&c8=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle%20%7C%20Ukraine%20%7C%20The%20Guardian&c9=
content-length
0
x-amz-cf-id
EVnoXT2gHR_fd3XlFyh0qkVRlYYEkAhDFR8REKI63P8oqMbETEcGgA==
collect
stats.g.doubleclick.net/j/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78705427-1&cid=228846279.1702560171&jid=1159940756&gjid=1391188044&_gid=1048469489.1702560171&_u=aEBAAUAAEAAAACACIAB~&z=2140483536
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 14 Dec 2023 13:22:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/ 		46 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/pxid?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
997b61e35494b3e15e599aee572ac9efdd793cbcb1b7001029c233d762294820

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
an-x-request-uuid
d70d2745-8038-43f3-9900-7dc24980a006
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
3db31ece-3683-4ac4-9ed1-acbbdad4bf1c
https://www.theguardian.com/ 		643 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/3db31ece-3683-4ac4-9ed1-acbbdad4bf1c
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc43353b343e42c71e67a602ae24a1981c1173d61a7ce9672dcd1b8da551e911

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
658265
Content-Type
b5e6491f-9cdb-4e78-ba84-ff86902ade02
https://www.theguardian.com/ 		643 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/b5e6491f-9cdb-4e78-ba84-ff86902ade02
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc43353b343e42c71e67a602ae24a1981c1173d61a7ce9672dcd1b8da551e911

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
658265
Content-Type
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/?random=1702560171104&cv=9&fst=1702560171104&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tiba=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle%20%7C%20Ukraine%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc794a6799d94a229740dc280029bd81dd130c16715d0c9c47144fdfe92d447f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78705427-1&cid=228846279.1702560171&jid=1159940756&_u=aEBAAUAAEAAAACACIAB~&z=1809113740
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
api.permutive.com/v2.0/ 		275 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
899a432398194bc8c16ede42c087231946974337e7d9e0b5ea575224b78f0e67

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186
watson
api.permutive.com/v2.0/ 		388 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0f6908f38a27d627e119dfa1384d3882a3b3a09ec8aa57c1edc25985d941debd

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262
truncated
/ Frame 06FD 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 06FD 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 06FD 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 10:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
9437
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 13 Dec 2024 10:45:34 GMT
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com&rnd=1223807
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Thu, 14 Dec 2023 13:22:50 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%7D%2C%22action%22%3A%22INSERT%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-11-22_HEADER_TEST_EOY_R2__US%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
cdn.permutive.com/models/v2/ 		54 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30172ddbd6ccdd6ecf126dfe6eaf5de7ec7c4480b1cc3b18103936b0bb7d6246

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ABPtcPoerEvh_WOTOfjYqsSVtp4Sl7lvAm0FjwxvEBU4QioMvyF8wbjHnNxmXe8x5TVGZ2yKXmhdUSO_ifvTK4RALV0KkB4lEpvu
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
39145
last-modified
Mon, 11 Dec 2023 13:05:21 GMT
server
cloudflare
etag
"5972233737746ef31a7a1823d707d852"
vary
Accept-Encoding
x-goog-generation
1702299921504188
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=WDEXTg==, md5=WXIjNzd0bvMaehgj1wfYUg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
39145
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8356c20eacd58c1b-EWR
expires
Thu, 14 Dec 2023 12:47:17 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
fe29711f1d7066750acd395af97506e959e3d9e99eee3dc2e8829e49993f968b

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
/
www.google.com/pagead/1p-user-list/971225648/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971225648/?random=1702560171104&cv=9&fst=1702558800000&num=1&guid=ON&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tiba=%E2%80%98Forged%20documents%E2%80%99%3A%20how%20Ukrainian%20grain%20may%20be%20enriching%20Putin%E2%80%99s%20circle%20%7C%20Ukraine%20%7C%20The%20Guardian&async=1&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_idjKkcTSiIPXuLWf6nEJMGn05IhqOA&random=3613953464&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pub
pixel.adsafeprotected.com/services/ 		594 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline1,ss:%5B1.1,2.2,300.250,300.274,620.350,550.310,300.197%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
57a75b155309184c87f7679c50ff7f797a7ba4db6a22b6e0da0db47426a9522c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app51.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		595 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--top-above-nav,ss:%5B1.1,2.2,728.90,940.230,900.250,970.250,88.71,300.197,300.250%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
636f9977a81d6d9fdc5805f871fe07e8c990526511384a0c757cc5456708ad81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app39.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		593 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--survey,ss:%5B1.1%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
87feb8f4751667f3f38b7dd642a374f1d3627ae96f767c9d37aa3147040aea8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app63.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		597 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--right,ss:%5B1.1,2.2,300.250,300.274,300.600%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
915d207d227803e976fc7ea8180249af56242e5b87a06662c893288150d95785

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app06.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		605 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising-high,ss:%5B1.1,2.2,88.87,970.250,300.250%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
46dc17b11ef6a9fa67649add34061751f8110e954562b3c36d3b67730f167c50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app52.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		594 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--mostpop,ss:%5B1.1,2.2,300.250,300.274,300.600,300.197%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e4e18bdd70ea17a3e40eac85e0bb2e9ce103a05afd639aaaecc989afbb06d42d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app29.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		600 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising,ss:%5B1.1,2.2,88.88,970.250,300.250%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d9d9dee38d8e7058d284407f0d1669329a3661c39de7ecf958fa4ba43f65d01e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app13.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		599 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline2,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19ae91ca51ea7341addb394168e7b47600185785e94f7d505e445e5c078a5743

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app22.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		594 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline3,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b25ca687a2296148bc253cbf897dfce0285188588a79501d9de4176e875a74d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app19.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		594 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline4,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/world/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a76dfaec-1969-4cae-448e-27a80d77965e&url=https%253A%252F%252Fwww.theguardian.com%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1a08c08bf299b0eb67896eb83423e775d6066f44620154b7e420943e261a2f36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app38.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&performance=%7B%22dns%22%3A0%2C%22connection%22%3A8%2C%22firstByte%22%3A74%2C%22lastByte%22%3A4%2C%22domContentLoadedEvent%22%3A166%2C%22loadEvent%22%3A881%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22nav3%22%2C%22nav2%22%2C%22sub-nav%22%2C%22section%22%2C%22meta-byline%22%2C%22auto-linked-tag%22%2C%22footer%22%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&performance=%7B%22dns%22%3A0%2C%22connection%22%3A8%2C%22firstByte%22%3A74%2C%22lastByte%22%3A4%2C%22domContentLoadedEvent%22%3A166%2C%22loadEvent%22%3A881%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
pixel
bid.g.doubleclick.net/xbbe/ Frame 0B4D 		0
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:22:51 GMT
expires
Thu, 14 Dec 2023 13:22:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:10249&sessionId:a76dfaec-1969-4cae-448e-27a80d77965e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
server
nginx
x-server-name
app13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bid
aax.amazon-adsystem.com/e/dtb/ 		160 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&pid=MYQOgSPZbCMHi&cb=0&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--inline1%22%2C%22s%22%3A%5B%22300x250%22%2C%22620x350%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.17.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-17-200.atl58.r.cloudfront.net
Software
Server /
Resource Hash
7061a231754256284569c8a443c965b6a3a96ed9369a71cb94c6a2a0f18242c5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 03b474db824c472de7c4629c50b35ac4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL58-P1
x-amz-rid
M7TXVMN1JC9Y3AZXBQ2W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
160
x-amz-cf-id
v2ps8vtf2tQhMDFZAUCXgj1QBLniH_znxyhLtW9rBYezs5X7BXMe-g==
trinity.json
apex.go.sonobi.com/ 		30 B
776 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%7C2a44f3a1312107%22%3A%22300x250%2C620x350%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=375abefa-7e22-4a45-9e3f-3c5bb206dd93&pv=lq58d77p9gvrwazgilbz&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dworld%2Cpt5%3Dvladimir-putin%2Cpt5%3Deurope-news%2Cpt5%3Drussia%2Cpt5%3Dukraine%2Cpt5%3Dfood%2Cpt5%3Dfarming%2Cpt5%3Denvironment%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlq58d77p9gvrwazgilbz%7Ctom-burgis%2Cpjotr-sauer%7Cfeatures&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
30
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		23 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.81.111 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.81.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac989f0c974de2c69248ca05c4edf0653d4f9ca4376c583996f3763aaeb2b86a

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 14 Dec 2023 13:22:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
cdb
bidder.criteo.com/ 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=44754190197&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
761 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.0.187.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-187-21.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=204985
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5170f5938c3235fee72ca7d39b999d2744f494befd9ec7f1492e0fb5080047

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0E9i5KWFWos3me%2B32pxBriHcTY9V7a%2F4TwJremY2DT%2B36rO8I9ARkGmB1OzJ4RInFFPzLhiW4V017wk2R5luqglv8fG9v19Usw5BzDM6TbzZnFKanhmXoQlmTspuCDOpFsMRgI6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8356c2105bf38c15-EWR
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
elb.the-ozone-project.com/openrtb2/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ef5936e463333e973ee8b485a76aaeb023870b84ae82c9aa0996704b9e65ff

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8356c2105d411881-EWR
expires
0
prebid
krk2.kargo.com/api/v1/ 		0
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.138.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-138-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
content-encoding
gzip
x-accel-expires
0
nbr
505
vary
Accept-Encoding
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 UTC
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&PageUrl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&PageReferrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&CanonicalUrl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
7a1f6dc2ce8d25a1592c827f4d20c3aeaef160aa84f2dd6b313e5c22afbbfcef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
30
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%7D%2C%22action%22%3A%22VIEW%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-11-22_HEADER_TEST_EOY_R2__US%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527
pubads.g.doubleclick.net/activity;dc_iu=/59666047/ 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/59666047/DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 13:22:51 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lq58d77p9gvrwazgilbz&adUnitWasHidden=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.137.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-137-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
bid
aax.amazon-adsystem.com/e/dtb/ 		663 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&pid=MYQOgSPZbCMHi&cb=1&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--right%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.17.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-17-200.atl58.r.cloudfront.net
Software
Server /
Resource Hash
310d40a861dcd3b164afca5b7b8df8261ef18b574c2033542c28fa09c9b0912c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 03b474db824c472de7c4629c50b35ac4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL58-P1
x-amz-rid
0S6C3386FC0S2A24PH8G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
663
x-amz-cf-id
aEvG4hB-UuxOGcpSOT0rJAOxvubVvLHYYyTp3LB9Wh-o7jY6sc2_kA==
iu3
s.amazon-adsystem.com/ Frame CED9
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
330 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5abbb193961a4a7b0af255f4a2fc329d0c73214dad6f7cd8b2963a938bc57699
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
330
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 14 Dec 2023 13:22:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FSQE81A25N3VXKKBV6KN

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Dec 2023 13:22:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HE8Y82M3W9Q8A7MKSJ0S
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948649201027807&correlator=2641639094833820&eid=95320408%2C95320512%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C620x350%7C550x310&fluid=height&ifi=1&sfv=1-0-40&fsbs=1&sc=1&cookie_enabled=1&abxe=1&dt=1702560171925&lmt=1702560171&adxs=411&adys=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&vis=1&psz=620x274&msz=620x274&fws=4&ohw=1600&ga_vid=228846279.1702560171&ga_sid=1702560172&ga_hid=831248132&ga_fc=true&dlt=1702560170410&idt=961&prev_scp=slot%3Dinline1%26testgroup%3D52%26id%3De1c71d8a-9a83-11ee-89e6-023710ff5829%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80%26amznbid%3D2%26amznp%3D2%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x250%26hb_pb_ozone%3D0.80%26hb_adid_ozone%3D15de7742ab0e0c8-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.80%26hb_adid%3D15de7742ab0e0c8-0-oz-0%26hb_bidder%3Dozone%26oz_size%3D300x250%26oz_adId%3D15de7742ab0e0c8-0-oz-0%26oz_pb_r%3D0.80%26oz_pb%3D0.8065199999999999%26oz_pb_v%3D2.9.1%26oz_imp_id%3D15de7742ab0e0c8%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dopenx%26oz_auc_id%3D5395cfeb-6689-46cd-90f7-bc4cc6e7bea3%26oz_openx_pb_r%3D0.80%26oz_openx_adId%3D15de7742ab0e0c8-0-oz-0%26oz_openx_adv%3Dharpercollins.com%26oz_openx_crid%3Dc56quh1u%26oz_openx%3Dopenx&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dfeatures%26p%3Dng%26k%3Dworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpd374%26co%3Dtom-burgis%252Cpjotr-sauer%26url%3D%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%26dcre%3Dt%26rc%3D3%26rp%3Ddotcom-rendering%26s%3Dworld%26sens%3Df%26urlkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%26allkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%252Cworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlq58d77p9gvrwazgilbz%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D9f3ac40d-e62d-4755-8244-1ac92d507ee5%26prmtvvid%3D19fdf196-b39e-42c1-94b8-8b92511b2686%26prmtvsid%3D9b8277c1-d7f4-491f-94dd-0049703c88ed%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dfalse%26ias-kw%3DIAS_1509996_PG%252CIAS_1506123_PG%252CIAS_1511999_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1512447_PG%252CIAS_1508986_PG%252CIAS_1509981_PG%252CIAS_1506621_PG%252CIAS_1500692_PG%252CIAS_1500903_PG%252CIAS_1500902_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=1532238211&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66df9fa5f71b735520901fd6e7b7ba02530d64b59920c19dda40e0ad2c22757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13351
x-xss-protection
0
google-lineitem-id
5681484409
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446491910
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0727261693494ddef8482746e4fd62fbd98291a65086dae5b3b47755184adf03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12252
x-xss-protection
0
container.html
cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D54 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
Fri, 13 Dec 2024 13:22:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
translator
hbopenbid.pubmatic.com/ 		0
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.0.187.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-187-21.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.138.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-138-145.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=46037616908&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
elb.the-ozone-project.com/openrtb2/ 		10 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a0365ea722c22a5e151beceb2a6010f5e22ac4c65db2bb43fa20d7a83fca3d4

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8356c212af041881-EWR
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=204985
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d1d11a0463eae5991d3cb6e4bec84d5c115e5a5ea0e713f8704eb08456824c4

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLgQI%2BS19262G6Tq%2BjYKl3h%2BU6WO507KrfvkhBFMHuQidSKVVBP07i83NDvx0oHV38x%2BkcbKmZKMrXiAOQSHX2W5IHnfmoBjyBwinVWZL3yJJhYHD9IJA5VyW8S5ODVE4zliq4Yo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8356c212bf028c15-EWR
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
hbjson
grid.bidswitch.net/ 		24 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.81.111 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.81.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
718ac0d880e16881a119fff165c223f3e6453b1a89d003d8212efb673e9602cf

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 14 Dec 2023 13:22:52 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&PageUrl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&PageReferrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&CanonicalUrl=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
6143960c81b8ce68e0c9280210e21fa1d82cec497ff89ce6afc63cd9ace67149
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:51 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
28
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
trinity.json
apex.go.sonobi.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%7C39baf9cb102b03b%22%3A%22300x600%2C300x250%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=273df59d-b6ef-4903-8d20-d52bc609ed9d&pv=lq58d77p9gvrwazgilbz&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dworld%2Cpt5%3Dvladimir-putin%2Cpt5%3Deurope-news%2Cpt5%3Drussia%2Cpt5%3Dukraine%2Cpt5%3Dfood%2Cpt5%3Dfarming%2Cpt5%3Denvironment%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlq58d77p9gvrwazgilbz%7Ctom-burgis%2Cpjotr-sauer%7Cfeatures&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
279ff7f14f09778108224328f37a60f2bb826e0755173d13097839c6e4952dde
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
919
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame AC0F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f15bcf274786feb77bd2ae396919a38f47923658e17b099d7fbefcd3406b8a27
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2611
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BN9FG6EHVE2X3VT8E5AY
/
onetag-sys.com/match/ Frame AC0F 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
usermatch
ssum-sec.casalemedia.com/ Frame 4368
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720f0a74e2cc8185b6d3a809a8abdd1539e2139420b36464f6caa8eede0d6d16

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8356c2134a730f41-EWR
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGR8crh0cbQvpZwi1lDglAsTUWgDf8%2B2qS3OiI5wYjz4bitIbG9xo7LzrSgsWSDrXBx6ywr6Enz37u6%2FR2juH9xX1hSq1Rf7PpIUiLnrpCjQpcsvPVuw4xSBoU%2Fieenr7FZ4U2bndjBFcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8356c2132f7c8c15-EWR
content-length
0
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg9TmfcX7ZaGnjm0Q%2B2Fnc15s%2FEfnIMB7cClLHFdtAKa2TlCeGUpaSHVyKz8eXbklBSUEBSf1G7Mjo88q%2FQdQjLZ7nOxJIKJYWMwhNaHYqsvOmGp9KG7YksT2c%2BvnK0cAYkLugoss3eH5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1897 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161228
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
Sat, 16 Dec 2023 10:10:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
uc.html
sync.go.sonobi.com/ Frame DDE0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
27eea70665fef2ba5f8a24edeff2f9f714f977fc221b8db54a725431dd8aaf3c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-length
863
content-type
text/html
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
x-xss-protection
0
cm
u.openx.net/w/1.0/ Frame FCB3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
763ed5024812d5332db786f5e5558c3918acd536df31bb43226dddd0951b129a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
397
content-type
text/html
date
Thu, 14 Dec 2023 13:22:52 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Dec 2023 13:22:52 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame C4DB
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2992174037707784947&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2992174037707784947&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
D5JADXTSWR07QA53Z2B6

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 13:22:52 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2992174037707784947&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame EC4C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7124857179851734154&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7124857179851734154&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
B49YT2P8XXWSH11VTSRA

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
05588a30-888e-4a3b-8339-c18a1d741489
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=7124857179851734154&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame BCAC
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e6c5b38ce2d48f036319f0e0a002be10f874dcc69e4bd913844faf5634d5e1b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
505
Content-Type
text/html
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap6ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ewr1
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 4670 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
73b9f3bb538d95e8124d9971e793ea0f104fa3697bf2412e51f5fdf6bb206782

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
ecm3
s.amazon-adsystem.com/ Frame 1FD3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=119942835268329456868
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=119942835268329456868
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KM28CMYJ5XWHV5BHFCPY

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 13:22:52 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=119942835268329456868
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 13:22:52 GMT
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=dae20180-897d-4967-862d-184aeca4dd29&google_hm=ZGFlMjAxODAtODk3ZC00OTY3LTg2MmQtMTg0YWVjYTRkZDI5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEYDwNriePkhv_7i74UrCTQ&google_cver=1&ssp=sonobi&bsw_param=dae20180-897d-4967-862d-184aeca4dd29
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 14 Dec 2023 13:22:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=a8eab6db-f103-457f-bed9-4e45a07b3671&pubid=91e92b73fd
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=a8eab6db-f103-457f-bed9-4e45a07b3671&pubid=91e92b73fd
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=a8eab6db-f103-457f-bed9-4e45a07b3671&pubid=91e92b73fd
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970314646804484354
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970314646804484354
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970314646804484354
Date
Thu, 14 Dec 2023 13:22:52 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4f1de70f-98b5-4f31-a55d-78f855a57328&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dzNhWFNRemJINjNCaXloMk9uLVg0Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELzmATKFen5ixv2KJGwQzKY&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=9sqhxA1ot6tb
49 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=9sqhxA1ot6tb
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=9sqhxA1ot6tb
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-qg448
expires
-1
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=2w51-qyfWF5reWb4xqKsmAW16oU
49 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=2w51-qyfWF5reWb4xqKsmAW16oU
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=2w51-qyfWF5reWb4xqKsmAW16oU
Date
Thu, 14 Dec 2023 13:22:52 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&pi=sonobi&tc=1
49 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&pi=sonobi&tc=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&pi=sonobi&tc=1
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT, Thu, 14 Dec 2023 13:22:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
7.gif
id5-sync.com/c/434/796/3/ Frame DDE0
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=4f1de70f-98b5-4f31-a55d-78f855a57328&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=4f1de70f-98b5-4f31-a55d-78f855a57328&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F8%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/8/2.gif?puid=32b239a0-ab2d-4809-b73e-d37dda384a87&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/7/3.gif?puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a8eab6db-f103-457f-bed9-4e45a07b3671&ttl=%%TTL%%
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F5%2F5.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F5%2F5.gif%3Fp...
  • https://id5-sync.com/cq/434/124/5/5.gif?puid=cd1347e3-c502-4545-a8eb-66a3dc736273&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=a8eab6db-f103-457f-bed9-4e45a07b3671&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1245%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/434/1245/4/6.gif?puid=H0eCePZHYKqpHbQzR42fHIsP&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F3%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/3/7.gif?puid=935250ca-a545-48f5-9af9-b2e5e5320cdf&gdpr=0&gdpr_consent=
0
0
ID1=4f1de70f-98b5-4f31-a55d-78f855a57328
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame DDE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=4f1de70f-98b5-4f31-a55d-78f855a57328
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame DDE0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=4f1de70f-98b5-4f31-a55d-78f855a57328
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DZPP2GGXYF4J7RMY42CR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame DDE0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=4f1de70f-98b5-4f31-a55d-78f855a57328
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4f1de70f-98b5-4f31-a55d-78f855a57328
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4f1de70f-98b5-4f31-a55d-78f855a57328
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
3.92.120.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-184.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0db51bf63.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
lV6UdFfARzA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-0735ccd9c.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
fYFSXsIYRWk=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4f1de70f-98b5-4f31-a55d-78f855a57328
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ Frame DDE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame DDE0 		0
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=4f1de70f-98b5-4f31-a55d-78f855a57328
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-89.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sync.go.sonobi.com/
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
ExKQoveBm7XGQGBkpE1shCm5EhkOOdSFjaEZZvCoVc0C6FPjgT19Iw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame DDE0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4f1de70f-98b5-4f31-a55d-78f855a57328
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=4f1de70f-98b5-4f31-a55d-78f855a57328
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
content-length
359
db_sync
px.ads.linkedin.com/ Frame DDE0
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=4f1de70f-98b5-4f31-a55d-78f855a57328
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDRmMWRlNzBmLTk4YjUtNGYzMS1hNTVkLTc4Zjg1NWE1NzMyOBAAGg0IrIPsqwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&rand=01518922
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&rand=01518922&expected_cookie=376fdda2-b5bd-4afc-bd00-0b2009f1f3bc
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&rand=01518922&expected_cookie=376fdda2-b5bd-4afc-bd00-0b2009f1f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 28DCA40546B24BAEA26B55A0171F3681 Ref B: EWR30EDGE0710 Ref C: 2023-12-14T13:22:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMeC5L+Hi9zHeaozohKA==

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 518C164F451247649E373305E63BA0C6 Ref B: EWR30EDGE0710 Ref C: 2023-12-14T13:22:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=314dfd47ba9ddf8e30cccf889eb9f1e06bfed7f24e1216011df81516e4a2f159791426b5417dce21&rand=01518922&expected_cookie=376fdda2-b5bd-4afc-bd00-0b2009f1f3bc
x-li-source-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMeC5JcUcLL0xFWO1pZQ==
us.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7124857179851734154
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7124857179851734154
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
an-x-request-uuid
22194675-408e-41d9-a5d0-fb4367e7f4d7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7124857179851734154
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame DDE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NGYxZGU3MGYtOThiNS00ZjMxLWE1NWQtNzhmODU1YTU3MzI4
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEINMoF69x7PODaEAliiFmWQ&google_cver=1
49 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEINMoF69x7PODaEAliiFmWQ&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEINMoF69x7PODaEAliiFmWQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=CiMR8SkqdVpl&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=CiMR8SkqdVpl&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=CiMR8SkqdVpl&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-fp8sz
expires
-1
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=dae20180-897d-4967-862d-184aeca4dd29
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=dae20180-897d-4967-862d-184aeca4dd29
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=dae20180-897d-4967-862d-184aeca4dd29
Date
Thu, 14 Dec 2023 13:22:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkM2Q0E4QzctMUQwQi00NjkzLUEzNUQtNTBBRTlDRkUwNzNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
date
Thu, 14 Dec 2023 13:22:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.yellowblue.io/ Frame 4670
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1702560172171
  • https://ad.turn.com/r/cs?pid=45&rndcb=2069970713
  • https://sync.1rx.io/usersync/turn/8162894186595708908?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
date
Thu, 14 Dec 2023 13:22:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX102ccb588ace429b80ca7458bce78d64005
content-type
text/html
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 4670 		57 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 14 Dec 2023 13:22:52 GMT
cookie
cm.adform.net/ Frame 4670 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$UID
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
nginx
content-length
43
content-type
image/gif
cs
cs.yellowblue.io/ Frame 4670
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=bd6d9b85d016104917a3743e822f3a37&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=bd6d9b85d016104917a3743e822f3a37&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=bd6d9b85d016104917a3743e822f3a37&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702560172164059-1193
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7124857179851734154&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7124857179851734154&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
an-x-request-uuid
4f9ae8d1-1fcc-41de-be4f-f05c0ffbe2f0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7124857179851734154&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212257090824875
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212257090824875
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212257090824875
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 4670
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=7387344376717378074&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=7387344376717378074&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=7387344376717378074&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:51 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=80a24722-2b89-421d-85a3-ae506458ad51&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=80a24722-2b89-421d-85a3-ae506458ad51&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=80a24722-2b89-421d-85a3-ae506458ad51&gdpr_consent=null&gdpr=0
date
Thu, 14 Dec 2023 13:22:52 GMT
server
_
content-length
0
cs
cs.yellowblue.io/ Frame 4670
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
date
Thu, 14 Dec 2023 13:22:52 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 4670
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=74b1d8e2-6262-07ad-2e94-7ed723f6912d
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=74b1d8e2-6262-07ad-2e94-7ed723f6912d
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=74b1d8e2-6262-07ad-2e94-7ed723f6912d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4670 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=IBg4oAn-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R9HGQ00S1ZQJQAWT5DSX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4368 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GXSBVEY8A90WQRZZG5AJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
pippio.com/api/ Frame 4368
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6e526da762fa44a3835e3b76e37652d4
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=6e526da7-62fa-44a3-835e-3b76e37652d4
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=8d60d335-1254-4654-8994-a83540b3f21b%3A1702560172.2972653&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D8d60d335-1254-4654...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=970314646804484354&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D8d60d33...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=8d60d335-1254-4654-8994-a83540b3f21b%3A1702560172.2972653&pid=500040&it=1&iv=8d60d335-1254-4654-8994-a83540b3f21b%3A1702560172.2972653&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1702560172.3000627&iv=8d60d335-1254-4654-8994-a83540b3f21b:1702560172.2972653
42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1702560172.3000627&iv=8d60d335-1254-4654-8994-a83540b3f21b:1702560172.2972653
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1702560172.3000627&iv=8d60d335-1254-4654-8994-a83540b3f21b:1702560172.2972653
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
crum
dsum-sec.casalemedia.com/ Frame 4368
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXsBrLkpbmgLgq-N6q8TEAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDYeipgiL0nDeFIItttmJXw&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDYeipgiL0nDeFIItttmJXw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlNAJbO%2FAEFcVG7q6wD6ULrKt2ocUjhxOoA0yvkJLqNBq4Fnu7kFCc4HcDS17NXv6Slyf5zw6F5in%2FL8tz%2BU7vAEkZHBnPcrdZBrHRHmVqKEctgEqP7CQNIEnNagc5cP4b1qneDGIXopJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2146b610f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDYeipgiL0nDeFIItttmJXw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4368
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqmzepauFfwlk1IukGnwJo&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqmzepauFfwlk1IukGnwJo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWhe7Zkw6t3hWqn1l7h3lor22uCKF47e52QQnGAV5jdL1u3HSUMcf5TIhJsWK7I%2BB%2BJaW2eM7JYP88ak7CeUkbtboH8Er%2Fm2KHtc88vr9O45u6osndy1G84xJFy9Zfnd%2FsAlf6z5JlDCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2146b600f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqmzepauFfwlk1IukGnwJo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4368
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671&expiration=1705152172&gdpr=0&gdpr_consent=
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671&expiration=1705152172&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lrie5k4qc0KxOFkTMfmjsBhZvGwIZmHRRhmJ8WvHRTWB6pSWwrFItEoz9pYPHSrnW62cfIjxQ3%2Fh%2BV1NbKwJpSCHH5gR7xaK9HaavVv2ln6wxES4JapsyB5aOHwjhSxG6jPqXJUNexrGrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2141b120f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671&expiration=1705152172&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
content-length
323
crum
dsum.casalemedia.com/ Frame 4368
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e2aa92fd-0faa-8e2b-ff104402
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e2aa92fd-0faa-8e2b-ff104402
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CbxoMjrr9z1xfLDwl8nXPWQNeVlclFC2XmXlEhCZXjvP72fg7T2Y4wyQvUDEDz%2BXBMh8YTTOj581fHYI0cZ4WqeBf0LTj3OZqMGMVMTkFS43u0z0iCnFKzrwRMCUPp6dkgX1kj9"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c21428928c15-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e2aa92fd-0faa-8e2b-ff104402
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 4368
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718371372&external_user_id=7a4d9276-e30b-451d-83dc-676b8686a4ec
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718371372&external_user_id=7a4d9276-e30b-451d-83dc-676b8686a4ec
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX3lNxMwhN%2FvkI68usozjkEpLuPp%2BGcl0Gs8J6o%2FKAZlIRq91NNjtV%2B0fXIk87AU8H7YpNGJmWa5ztw4rQZzXIn6Ulf5TO%2Felf2I%2F4002sHEeDj%2BYOuUdN9hbR32jJXY7936gMX79p5E1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2145b5b0f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718371372&external_user_id=7a4d9276-e30b-451d-83dc-676b8686a4ec
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4368
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2600:1f18:4e9:5a02:66d2:da85:8248:ed74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 4368 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JWM79B3AKQ5XRG45H2PJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 9B14
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 13:22:52 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 13:22:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 8BB4 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ecm3
s.amazon-adsystem.com/ Frame FCB3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=c467b809-a927-8112-a5dd-a0d26a6c8e8e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4X329W88QZQAK6XMB3AF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0876a230-2521-a8a1-5404-34b0fd088827
pr-bh.ybp.yahoo.com/sync/openx/ Frame FCB3 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0876a230-2521-a8a1-5404-34b0fd088827?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:66d2:da85:8248:ed74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame FCB3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c467b809-a927-8112-a5dd-a0d26a6c8e8e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9VG2V0MF3CXY213GA8B7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FCB3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8eab6db-f103-457f-bed9-4e45a07b3671&ttd_puid=9cb1c474-b58d-3ae8-65d3-2245025f456e&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame FCB3 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjBkZTE3YmUtN2NmYS02NDRjLTcwMzMtNzhmY2M4YmQ4YjBl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FCB3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHyc3nE5cA0fDNAsf-6UB8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHyc3nE5cA0fDNAsf-6UB8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHyc3nE5cA0fDNAsf-6UB8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ab3a89997961b41cd20b53ab49cf5c88581a05139535f73e3406a995f7b9d4f3

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
bid
aax.amazon-adsystem.com/e/dtb/ 		122 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&pid=MYQOgSPZbCMHi&cb=2&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--top-above-nav%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.17.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-17-200.atl58.r.cloudfront.net
Software
Server /
Resource Hash
803dccff1029f499d8beea0653504c753683fe84df1d08a078335ce54c7f0519
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 03b474db824c472de7c4629c50b35ac4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL58-P1
x-amz-rid
1FN1MF7N55DZ7W8942Z1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
122
x-amz-cf-id
NxpMK5CnkC43fZPApHmQJnj2VOvGCH73twx4kvkVcShP-5jAToFruw==
ecm3
s.amazon-adsystem.com/ Frame BCAC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H0eCePZHYKqpHbQzR42fHIsP&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YYVA475N38595SM3S8EY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame BCAC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dae20180-897d-4967-862d-184aeca4dd29&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7124857179851734154&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=fmx&bsw_param=dae20180-897d-4967-862d-184aeca4dd29
  • https://ce.lijit.com/merge?pid=26&3pid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 14 Dec 2023 13:22:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame BCAC 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame BCAC
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPUdf40ffcc56f0457bacc633de0ff751f9&gdpr=0&gdpr_consent=&pid=103
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPUdf40ffcc56f0457bacc633de0ff751f9&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPUdf40ffcc56f0457bacc633de0ff751f9&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame BCAC
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H0eCePZHYKqpHbQzR42fHIsP&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=ZXsBrOGIX1XokO07UVDFE6G7
43 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=ZXsBrOGIX1XokO07UVDFE6G7
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
Aorta/20231212.88a94bacf
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=ZXsBrOGIX1XokO07UVDFE6G7
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
68112109a39c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame BCAC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=H0eCePZHYKqpHbQzR42fHIsP&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=864661978466
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=864661978466
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=864661978466
Content-Length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EC7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
12951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 09:47:01 GMT
expires
Fri, 13 Dec 2024 09:47:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C6D1 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bec15d928cc12789dbd1267a16c8b9b57e6ba2a9a51b4ce411bdcbb53fa73ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CYkTWGzJq4W_GsmFjCtNvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CYkTWGzJq4W_GsmFjCtNvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
Thu, 14 Dec 2023 13:22:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 9B14 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
54d7fc75d8c7e54b6b34d014e063d4f915fee3601d9351fa7028ec0f1f2b729f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:54:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81089
Connection
keep-alive
Content-Length
13232
Expires
Fri, 15 Dec 2023 11:54:21 GMT
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600043-LCY, cache-lga21955-LGA
server
nginx
x-timer
S1702560172.305637,VS0,VE82
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
c55ffe16d6beaa774b5a7f47113a22cd69642dc0
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1897 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42777887&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ca2da895c1f36a21ee5b378739948d654880ac639753d0404ce214dfd5d45ceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 14 Dec 2023 13:22:52 GMT
content-length
1731
content-type
text/html; charset=UTF-8
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0EC7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 08:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
534638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 08:52:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C6D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2948649201027807&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame DC25 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
507ACSGXPKAQPVJDHME7
ecm3
s.amazon-adsystem.com/ Frame 39F8 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDFC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:22:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QCP6Q28Z2G17287NGBSZ
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1897
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Gyoxx0LRpOjXVCunP4HOw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=161228
accept-ranges
bytes
content-length
5622
expires
Sat, 16 Dec 2023 10:10:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1897
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7124857179851734154&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7124857179851734154&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
an-x-request-uuid
d6cd3a7c-a3e9-482e-a08e-4f6e83361119
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7124857179851734154&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2C%2C
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 1897 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 1897 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 1897
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEImOySoVrPVVKvK0y6QX99c&google_cver=1
42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEImOySoVrPVVKvK0y6QX99c&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEImOySoVrPVVKvK0y6QX99c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1897
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F
42 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 03:45:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 13 Dec 2023 13:22:52 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1897
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=
42 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
content-length
355
FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1897 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:66d2:da85:8248:ed74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 1897
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EkOz6F9E2uU3v6Vnv8fprDU6jo4DbKo-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EkOz6F9E2uU3v6Vnv8fprDU6jo4DbKo-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EkOz6F9E2uU3v6Vnv8fprDU6jo4DbKo-~A&gdpr=0
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
khaos.json
token.rubiconproject.com/ Frame 9B14 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5EFF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk9naxpRXalPMKUeA1W1O6nSxvnVSD_NF0aGbGsmbQBNkqOsGrcBz_tOn1utpeB_Eu_o16lRNecIO_ArqVrQq5aCmjSoH-i9Y3z8cDhE5LnKRniXqg8arXRbKQzFUnaCL4jUvalZBCs9sdEi_zcqyNkW9qtk6SJSfW0im63E6HYuBo6dK2B6towmpY9rE35ypIeUVF9FImoGFp4XOu-TvR5-BmcIO8wyxY09ycAnj5U1f0mPN-buWVd52Fc5NjbdelqyiKJ4s9jOAfcG-cMjRKLa8dPNmAbAMZWAbyUf1B7OU82hyrCR9FfCJDx-kFGC2y6g7pY3SmkkQsokUEYDokol3aXzHDSGffbXXQwXQvXd8tIRRnvONGJqt_4fXyhd-Dkb26a2kh5MN_3OJaIQ&sai=AMfl-YTpwf-96dR_LNTOu9yVsjZfMlcK7J5aQ4kkRZf7zoyhAHgt4INrhqDLGqQwO3xodH3-LQVsvLpr1NxBdjRTBC_O9pVk3hergTKCrL_dkv_wZN5nJ6EjOnmoOalZJg&sig=Cg0ArKJSzDMDOaL1loUDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
connatix.playspace.js
cd.connatix.com/ Frame A2DD 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481238ccaa6be60d923897b147062e1fb4bce42e604b4d0a8649ef2df9d58ceb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8356c215fff40f3b-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EFF 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:22:52 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948649201027807&correlator=2641639094833820&eid=95320408%2C95320512%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C300x600&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie=ID%3D23723dddd777ff2d%3AT%3D1702560171%3ART%3D1702560171%3AS%3DALNI_MYXvcB13X_DQLJOkC9A5VYcIyG8ew&gpic=UID%3D00000a039669cd16%3AT%3D1702560171%3ART%3D1702560171%3AS%3DALNI_MZsVvu85M4sgs3w8jepqorlQ1uqeQ&abxe=1&dt=1702560172518&lmt=1702560172&adxs=1109&adys=422&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&vis=1&psz=300x1600&msz=300x2&fws=516&ohw=1600&psts=AOrYGskMdz8cwFpcXRVpzJdnoIloB1nW6cLduOe_cOrBL8jWy9fSTu0I6njI8c4VVi2M9nDz9aHf6JlVHQkSnRg0rVed01h20Gn_FA&ga_vid=228846279.1702560171&ga_sid=1702560172&ga_hid=831248132&ga_fc=true&dlt=1702560170410&idt=961&prev_scp=slot%3Dright%26testgroup%3D78%26id%3De1c71d52-9a83-11ee-83b2-0274a4e57cbd%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26amznbid%3Doaskcg%26amznp%3D6r08w0%26amzniid%3DJNkuGQ9E3-pTzqQGQyF-UioAAAGMaH6IaAEAAA6KAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCYCICt%26amznsz%3D300x600%26amznactt%3DOPEN%26oz_openx_dealid%3DOX-XPT-g4lAn6%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x600%26hb_pb_ozone%3D0.80%26hb_adid_ozone%3D308c50aeab9d80f-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.80%26hb_adid%3D308c50aeab9d80f-0-oz-0%26hb_bidder%3Dozone%26oz_size%3D300x600%26oz_adId%3D308c50aeab9d80f-0-oz-0%26oz_pb_r%3D0.80%26oz_pb%3D0.8065199999999999%26oz_pb_v%3D2.9.1%26oz_imp_id%3D308c50aeab9d80f%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dopenx%26oz_auc_id%3D98f93cbf-399a-411d-b81c-36db69d09616%26oz_openx_pb_r%3D0.80%26oz_openx_adId%3D308c50aeab9d80f-0-oz-0%26oz_openx_adv%3Dibm.com%26oz_openx_crid%3Dydhn3x0h%26oz_openx%3Dopenx&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dfeatures%26p%3Dng%26k%3Dworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpd374%26co%3Dtom-burgis%252Cpjotr-sauer%26url%3D%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%26dcre%3Dt%26rc%3D3%26rp%3Ddotcom-rendering%26s%3Dworld%26sens%3Df%26urlkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%26allkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%252Cworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlq58d77p9gvrwazgilbz%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D9f3ac40d-e62d-4755-8244-1ac92d507ee5%26prmtvvid%3D19fdf196-b39e-42c1-94b8-8b92511b2686%26prmtvsid%3D9b8277c1-d7f4-491f-94dd-0049703c88ed%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dfalse%26ias-kw%3DIAS_1509996_PG%252CIAS_1506123_PG%252CIAS_1511999_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1512447_PG%252CIAS_1508986_PG%252CIAS_1509981_PG%252CIAS_1506621_PG%252CIAS_1500692_PG%252CIAS_1500903_PG%252CIAS_1500902_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=4292028739&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a06a2473fc94728ac6d550c64832a8eff5937fb7a0a59a5ce9e64f760a79364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12760
x-xss-protection
0
google-lineitem-id
5999758531
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138269767687
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 5EFF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73236c4e77aeaaed4ab91679ae7380c1f82d6137e922ae19d4bf6529cd440f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 1DFD 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10249&campId=550x310&pubId=4856441909&chanId=61700127&placementId=5681484409&pubCreative=138446491910&pubOrder=2747822805&custom=article&custom2=inline1&custom3=us&adsafe_par&impId=e1c71d8a-9a83-11ee-89e6-023710ff5829
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
/
Resource Hash
06add7ea48455de92086b4abfb97bbf4596db5dc65f63d51e5ec8660088aba88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5EFF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4-WmmmmRXCpm_mUAdBd4zP7xV8gV5Hh7DAKceOrillqvkzlhKct6GbVHTuLsjZDr07m8d8iJYuEXuosy7yzptkKQjfepx2G9WeDGKr8uRYtxWr4wa6WC-ZnejyghE-jc5-bWyUOy7UuaCzlmNwg5raF6jmmCbfwqTlGvcj6K1cssUIXefWGPdaKV4fTazT-1ux0Gs4N1PgzEvS8lwxLOZu7PTYSMni6FEOIHSE4stquTlA5CMegn6aMjVr7XLKCBPkvgbIRyrcYP_TtfMYEF5IjikbBAJfynhySnAH-_ArCjAXETtWt7tmntmowSX3ruvMbQmFg9aZBJDERhxIMwgCXoxbvH6MX4DA2scDKBNu_a95CL73KVly9VsVNJ_F4QwCpFlhmG6k_0C7fZn92KR&sai=AMfl-YT_KCE7F44WXowf3zZsfWTgj65iYIjJoXL_2RDYJ0TvXzJSLtorlA28w9JKpd-iOCqiuhb8pjbDtK_VQiGxiJNjPeofKj0L4J1xIs6wPDhL3gIqEogAJrS7sUEGkQ&sig=Cg0ArKJSzD9padh3RRp1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 13:22:52 GMT
cs
cs.yellowblue.io/ Frame 9B14
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LQ58D8TE-Z-KF35
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
490 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=204985
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc2b1f83f9fc9e36466385450de81b0d6bbbd65b426d842e0ddb6e419016761

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaQLPkcvFLa0UH8MhLHbBNRlqP8aguePhdixhMb2Meesm%2BhXhnTRFvCE7QvWV990ALYcVKN7xyzVxn6o%2BPa%2F8RMAxtHpvsXRXnLpCR%2F9CRcQM0T%2FERGOButra9oE6OE2b6YWYUmi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8356c216bd200f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=73053880036&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
elb.the-ozone-project.com/openrtb2/ 		132 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43637e65522ec6f32cb08985a2390e64ae9b11e9d2570e7ff75e1a1c57a621c

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8356c216ba5f1881-EWR
expires
0
translator
hbopenbid.pubmatic.com/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f9edfd024f05b4a0487ea636e0aa5ccbbb56593ac1b720a2135b09e6888e6bb4

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Thu, 14 Dec 2023 13:22:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.0.187.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-187-21.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.81.111 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.81.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
17f03de576206e874d21996dd09f787469df59318e5b558151297de1a2a0844d

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 14 Dec 2023 13:22:52 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
trinity.json
apex.go.sonobi.com/ 		374 B
798 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%7C551b3c55bcb36af%22%3A%22970x250%2C728x90%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fworld%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=d1a7d444-ec5b-4c35-8d68-c2b9603c0964&pv=lq58d77p9gvrwazgilbz&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dworld%2Cpt5%3Dvladimir-putin%2Cpt5%3Deurope-news%2Cpt5%3Drussia%2Cpt5%3Dukraine%2Cpt5%3Dfood%2Cpt5%3Dfarming%2Cpt5%3Denvironment%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlq58d77p9gvrwazgilbz%7Ctom-burgis%2Cpjotr-sauer%7Cfeatures&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
33d1f978b78978fba1eb9e7bc1f1b04b2dfce9d64b18f5c7f359af2a058049df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
259
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.138.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-138-145.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
generate_204
tpc.googlesyndication.com/ Frame 0EC7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G20JLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
connatix.playspace.js
cds.connatix.com/p/397463/ Frame A2DD 		1 MB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/397463/connatix.playspace.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3d315c93c004d53b1197076ffccbeff783959d4f673ea8b8e26384d7d5f9c1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-amz-version-id
STRTVPU1VFC4Daxl0_qLDrwIDBzqvECk
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 12:56:13 GMT
server
cloudflare
etag
W/"dbfd3004aeddd2134095b3b66d2f836e"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8356c217089f0f3b-EWR
access-control-allow-headers
range
expires
Fri, 13 Dec 2024 13:22:52 GMT
main.19.8.466.js
static.adsafeprotected.com/ Frame 1DFD 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10249&campId=550x310&pubId=4856441909&chanId=61700127&placementId=5681484409&pubCreative=138446491910&pubOrder=2747822805&custom=article&custom2=inline1&custom3=us&adsafe_par&impId=e1c71d8a-9a83-11ee-89e6-023710ff5829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 19:59:43 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
62590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
mMvy20cXgGeLQ1nWO1ZbIVQobmcbk1YAYG3KKHZOJj9FaVvb1GO3_A==
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
tap.php
pixel.rubiconproject.com/ Frame 9B14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbafcziX8on-tLySi3Kzig&google_cver=1
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbafcziX8on-tLySi3Kzig&google_cver=1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMbafcziX8on-tLySi3Kzig&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 9B14
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=D2OErdoWQ223EhhZL8coaQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D2OErdoWQ223EhhZL8coaQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D2OErdoWQ223EhhZL8coaQ
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8W8MY9Q0ZJRKTFJR95T1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D2OErdoWQ223EhhZL8coaQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9B14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ58D8TE-Z-KF35&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ58D8TE-Z-KF35&ex=d-rubiconproject.com&status=ok
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WXHAWZASDTBYWB7MCTVF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ58D8TE-Z-KF35&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
setuid
px.ads.linkedin.com/ Frame 9B14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ58D8TE-Z-KF35
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ58D8TE-Z-KF35
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: DC837AA1F93F41468703C0DB3694DB66 Ref B: EWR30EDGE0710 Ref C: 2023-12-14T13:22:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMeC5NkWeFj4jeqByrYg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ58D8TE-Z-KF35
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9B14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rW1Xtjepk5U3msvxDEieuw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pbV9qd5E2oKSNbsyioLgWMzp78hWpRUYgU4poQ--~A
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pbV9qd5E2oKSNbsyioLgWMzp78hWpRUYgU4poQ--~A
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pbV9qd5E2oKSNbsyioLgWMzp78hWpRUYgU4poQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9B14 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3YPT90SCT2FC0RED9F80
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9B14
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=&expires=30
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 9B14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc5NTQyNDBjYTc5MTUwM2RjMTU1OWRiMjcyYWQwY2NhZTJlMDgyZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc5NTQyNDBjYTc5MTUwM2RjMTU1OWRiMjcyYWQwY2NhZTJlMDgyZg
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc5NTQyNDBjYTc5MTUwM2RjMTU1OWRiMjcyYWQwY2NhZTJlMDgyZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9B14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFE1OEQ4VEUtWi1LRjM1
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGlZFflu8vn_mwWmBVWer6A&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE1OEQ4VEUtWi1LRjM1&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE1OEQ4VEUtWi1LRjM1&google_push=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE1OEQ4VEUtWi1LRjM1&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 9B14
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACbNU7K9gMAABLqgtK56w&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACbNU7K9gMAABLqgtK56w&expires=30
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACbNU7K9gMAABLqgtK56w&expires=30
Date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 9B14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQ58D8TE-Z-KF35
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ58D8TE-Z-KF35
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ58D8TE-Z-KF35
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
v1
match.sharethrough.com/sync/ Frame 9B14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ58D8TE-Z-KF35
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ58D8TE-Z-KF35
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.205.215.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-215-181.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ58D8TE-Z-KF35
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 9B14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ58D8TE-Z-KF35
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQ58D8TE-Z-KF35
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQ58D8TE-Z-KF35
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 9B14
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=935250ca-a545-48f5-9af9-b2e5e5320cdf&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=935250ca-a545-48f5-9af9-b2e5e5320cdf&expires=30
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=935250ca-a545-48f5-9af9-b2e5e5320cdf&expires=30
Date
Thu, 14 Dec 2023 13:22:52 GMT
Connection
keep-alive
X-CI-RTID
e78dd320-75ad-4e29-9439-d92ba60ebece
Content-Length
144
Content-Type
text/html; charset=utf-8
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 9B14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ58D8TE-Z-KF35
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ58D8TE-Z-KF35
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ58D8TE-Z-KF35&ckls=true&ci=xV54ja8gTG&nc=false&trid=685390935
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ58D8TE-Z-KF35&ckls=true&ci=xV54ja8gTG&nc=false&trid=685390935
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.225.195.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-23.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 0dbb84b34f6ac39ad26a6446ff2b18ec.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
KzsSHjApx5g7CywlJiJrOxpXhCQqQjKxFCrOd__k_75LmMm8TtO0Uw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ58D8TE-Z-KF35&ckls=true&ci=xV54ja8gTG&nc=false&trid=685390935
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
xej3CK9tyjFJkQnGSCbXeVPF8iX_DqGQNn9ofZH-InITKBv7D6_xIQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync
hb.yahoo.net/ Frame 9B14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ58D8TE-Z-KF35&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ58D8TE-Z-KF35&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS13bHlEZkt0RTJ1SEw5dFNFQU56YTBzbGVaN19kZ2tSOH5B&ovsid=LQ58D8TE-Z-KF35&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS13bHlEZkt0RTJ1SEw5dFNFQU56YTBzbGVaN19kZ2tSOH5B&ovsid=LQ58D8TE-Z-KF35&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.117.182.209 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 14 Dec 2023 13:22:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 14 Dec 2023 13:22:53 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS13bHlEZkt0RTJ1SEw5dFNFQU56YTBzbGVaN19kZ2tSOH5B&ovsid=LQ58D8TE-Z-KF35&dpid=58160
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
cSyncRemoteEntry.js
cds.connatix.com/p/397463/ Frame A2DD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/397463/cSyncRemoteEntry.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-amz-version-id
k8NRJwNgnBe024O6zc871Jv3rrY7aVQg
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 12:56:15 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8356c21839b40f3b-EWR
access-control-allow-headers
range
expires
Fri, 13 Dec 2024 13:22:52 GMT
connatix.playspace.css
cds.connatix.com/p/397463/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/397463/connatix.playspace.css
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5105a671b848a36111043b2f18410e4cd83d59d468bec58f09b53fa9ed299ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-amz-version-id
mLbaElOQiIOVTsiCnde1JXpgP3AWBCh2
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 12:56:13 GMT
server
cloudflare
etag
W/"51785f5f49379f3482dd6343e1332a96"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8356c21839b30f3b-EWR
access-control-allow-headers
range
expires
Fri, 13 Dec 2024 13:22:52 GMT
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
93 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600052-LCY, cache-lga21955-LGA
server
nginx
x-timer
S1702560173.885369,VS0,VE87
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
c55ffe16d6beaa774b5a7f47113a22cd69642dc0
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
ads
securepubads.g.doubleclick.net/gampad/ 		397 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948649201027807&correlator=2641639094833820&eid=95320408%2C95320512%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C728x90%7C940x230%7C900x250%7C970x250%7C88x71&fluid=height&ifi=3&sfv=1-0-40&fsbs=1&sc=1&cookie=ID%3D23723dddd777ff2d%3AT%3D1702560171%3ART%3D1702560171%3AS%3DALNI_MYXvcB13X_DQLJOkC9A5VYcIyG8ew&gpic=UID%3D00000a039669cd16%3AT%3D1702560171%3ART%3D1702560171%3AS%3DALNI_MZsVvu85M4sgs3w8jepqorlQ1uqeQ&abxe=1&dt=1702560172926&lmt=1702560172&adxs=0&adys=12&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&vis=1&psz=1600x90&msz=1600x90&fws=516&ohw=1600&psts=AOrYGskMdz8cwFpcXRVpzJdnoIloB1nW6cLduOe_cOrBL8jWy9fSTu0I6njI8c4VVi2M9nDz9aHf6JlVHQkSnRg0rVed01h20Gn_FA&ga_vid=228846279.1702560171&ga_sid=1702560172&ga_hid=831248132&ga_fc=true&dlt=1702560170410&idt=961&prev_scp=slot-fabric%3Dfabric1%26slot%3Dtop-above-nav%26testgroup%3D64%26id%3De1c82e8d-9a83-11ee-ac32-0a0ad507ed9d%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%2C80%26amznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D970x250%26hb_pb_pubmatic%3D0.01%26hb_adid_pubmatic%3D589fb821e1429e%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D589fb821e1429e%26hb_bidder%3Dpubmatic&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dfeatures%26p%3Dng%26k%3Dworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpd374%26co%3Dtom-burgis%252Cpjotr-sauer%26url%3D%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%26dcre%3Dt%26rc%3D3%26rp%3Ddotcom-rendering%26s%3Dworld%26sens%3Df%26urlkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%26allkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%252Cworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlq58d77p9gvrwazgilbz%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D9f3ac40d-e62d-4755-8244-1ac92d507ee5%26prmtvvid%3D19fdf196-b39e-42c1-94b8-8b92511b2686%26prmtvsid%3D9b8277c1-d7f4-491f-94dd-0049703c88ed%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dfalse%26ias-kw%3DIAS_1509996_PG%252CIAS_1506123_PG%252CIAS_1511999_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1512447_PG%252CIAS_1508986_PG%252CIAS_1509981_PG%252CIAS_1506621_PG%252CIAS_1500692_PG%252CIAS_1500903_PG%252CIAS_1500902_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=3601455775&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58e982b16f79e3f1023a7f0abeb537d812be57ebc0c98ca4321be598138655b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
952.js
cds.connatix.com/p/397463/ Frame A2DD 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/397463/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/cSyncRemoteEntry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-amz-version-id
h2bX5n6kku.qaylpTYemz6.q8JsKH.9W
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 12:56:15 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8356c218da2b0f3b-EWR
access-control-allow-headers
range
expires
Fri, 13 Dec 2024 13:22:52 GMT
402.js
cds.connatix.com/p/397463/ Frame A2DD 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/397463/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/cSyncRemoteEntry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a453ade31af0118629c4b7686eaae4e4248a1768b707e033d8d0f4eaf177c01a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:52 GMT
x-amz-version-id
EAuGo.JR29Ul_JIsUKMveMDvOE_cMCgb
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 12:56:16 GMT
server
cloudflare
etag
W/"0bfdcab785ef6b9a586feebcbe69419f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8356c218da2e0f3b-EWR
access-control-allow-headers
range
expires
Fri, 13 Dec 2024 13:22:52 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948649201027807&correlator=2641639094833820&eid=95320408%2C95320512%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cworld%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie=ID%3D23723dddd777ff2d%3AT%3D1702560171%3ART%3D1702560171%3AS%3DALNI_MYXvcB13X_DQLJOkC9A5VYcIyG8ew&gpic=UID%3D00000a039669cd16%3AT%3D1702560171%3ART%3D1702560171%3AS%3DALNI_MZsVvu85M4sgs3w8jepqorlQ1uqeQ&abxe=1&dt=1702560172941&lmt=1702560172&adxs=0&adys=416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&vis=1&psz=1600x7532&msz=1600x0&fws=4&ohw=1600&psts=AOrYGskMdz8cwFpcXRVpzJdnoIloB1nW6cLduOe_cOrBL8jWy9fSTu0I6njI8c4VVi2M9nDz9aHf6JlVHQkSnRg0rVed01h20Gn_FA&ga_vid=228846279.1702560171&ga_sid=1702560172&ga_hid=831248132&ga_fc=true&dlt=1702560170410&idt=961&prev_scp=slot%3Dsurvey%26testgroup%3D45%26id%3De1c80807-9a83-11ee-9f27-022a81884765%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252C174902%252Crts%26amtgrp%3D6%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dfeatures%26p%3Dng%26k%3Dworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpd374%26co%3Dtom-burgis%252Cpjotr-sauer%26url%3D%252Fworld%252F2023%252Fdec%252F11%252Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle%26dcre%3Dt%26rc%3D3%26rp%3Ddotcom-rendering%26s%3Dworld%26sens%3Df%26urlkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%26allkw%3Dforged%252Cdocuments%252Chow%252Cukrainian%252Cgrain%252Cmay%252Cbe%252Cenriching%252Cputins%252Ccircle%252Cworld%252Cvladimir-putin%252Ceurope-news%252Crussia%252Cukraine%252Cfood%252Cfarming%252Cenvironment%26ab%3DSignInGateMainVariant-main-variant-4%26cc%3DUS%26pv%3Dlq58d77p9gvrwazgilbz%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3D9f3ac40d-e62d-4755-8244-1ac92d507ee5%26prmtvvid%3D19fdf196-b39e-42c1-94b8-8b92511b2686%26prmtvsid%3D9b8277c1-d7f4-491f-94dd-0049703c88ed%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dfalse%26ias-kw%3DIAS_1509996_PG%252CIAS_1506123_PG%252CIAS_1511999_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1512447_PG%252CIAS_1508986_PG%252CIAS_1509981_PG%252CIAS_1506621_PG%252CIAS_1500692_PG%252CIAS_1500903_PG%252CIAS_1500902_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=1117467226&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0eb12f9276a02fa066eb6daf7ddbaad28c4fd2d4f4312756d7941ed1e854011d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7700
x-xss-protection
0
google-lineitem-id
6427681599
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138457870142
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7B26 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
11786234
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
uCuaA8YIfVGr956LcnYHfunAJFrv8Ki8gRxVcS7SAWzS4eBaEdKLDg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10249&campId=550x310&pubId=4856441909&chanId=61700127&placementId=5681484409&pubCreative=138446491910&pubOrder=2747822805&custom=article&custom2=inline1&custom3=us&adsafe_par&impId=e1c71d8a-9a83-11ee-89e6-023710ff5829&adsafe_url=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&adsafe_type=abcedfq&adsafe_jsinfo=,id:5ea216e0-517c-eec5-bbd9-808772525f52,c:wJNspg,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-784989cffc-h5k4s,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:446.1342.550.310,am:i,cc:446.1342.550.310,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:287,mot:0,app:0,maw:0,fm:tYq4Yy9+11%7C12%7C13%7C14%7C1511%7C15121%7C15122%7C1513%7C1514%7C1515%7C1516%7C1517%7C15181%7C15182%7C1519%7C16%7C17%7C18%7C19%7C1a*.10249%7C1a1%7C1a2,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:354,oid:e2744dc7-9a83-11ee-b068-b2ae3b0da5ae,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
nginx
x-server-name
app54.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
publishertag.prebid.js
static.criteo.net/js/ld/ 		98 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-18615"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 13:22:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVl5c6XpUKVQVvujE4TTIaHTP4HZBnb7HQUG6hfXsEdPcJ6U07NuBF1bEOG7_1uGUjw0gWyf0RSA46W7p1pMimYMBRuh8j0O-FPnV9baa778fu78thDmzZJpSA7YgspNIpp45qt4ge06Cvb6uUbIa7qwsBDgyqpHn2bnlx5YH7dnhVFHey6M3xzslulTRkMalZRwyFeo-On8HIR7MyEWfVOdJ5fvDcQoxVYduwlsaEgbnhyGdlCdcwFMcIW7Gg_HsxpJa9_Zvh51Ee5C3Hk2jAT_2wIC_rMgsw3msysCZdDXWcINk6aPrTsLkuapix-9joOcnracHxxKsw-_KAXwVv4JQ6poYlKfVVx2UH5ubjvlL00fWH3b134Z0S7eZIgKpcjTaYWOT8G45NjYKnsh-kuA&sai=AMfl-YTohnNwNJyUSDc-Sacg8U6IQL167zRMlyj9kc7l8-dqWwWOhphQx8XwW6VRSHp7n64selEn6SRg6EY4uusV84fQ5WtJzpC1PpzhaPNSi4MrgeFqWouWi7qMn12cnQ&sig=Cg0ArKJSzOiIR6_hp2pyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dvbs_src.js
cdn.doubleverify.com/ Frame 4E26 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=589953&cmp=169568&plc=413e405&sid=edcbd7ed316741c&aufilter1=gq8jr5m&prr=1&ppid=102&autt=1&auevent=2ed10db2-4bd1-4cf2-925a-351c918a33c3&audeal=OX-XPT-g4lAn6&c1=gq8jr5m&auadv=v5n5yy2&c2=hf6rued&aucmp=5pv3g52&aucrtv=ydhn3x0h&c3=openx&c4=dv-51003938&pltfrm=539997005&c5=www.theguardian.com&c6=po63bkh&turl=www.theguardian.com%2fworld%2f2023%2fdec%2f11%2fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&dvregion=0&unit=300x600
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:33:42 GMT
Server
UploadServer
ETag
"5fee02868c9340b4ebdda571508e474c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 15 Dec 2023 13:22:53 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 4E26 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b677cd181c01dfb61199e7c5e3a82538d4dde1871363c845fc895e2fc8369996

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 10:38:55 GMT
Server
UploadServer
ETag
"950e4afb255670bde118e62ce487a088"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Thu, 14 Dec 2023 13:37:53 GMT
ca
choices.truste.com/ Frame 4E26 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=5pv3g52_hf6rued_ydhn3x0h&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-37.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
c9f495ef9692017a494270ccf46ad499054d480e2d033f3331ead79d74674bc8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
YUL62-P2
cross-origin-embedder-policy
unsafe-none
age
3167
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7196
x-xss-protection
1; mode=block
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
aFnXI-UOngJRkH6S8UFMqv8KEXpP9AxGrNdYzlWlNDPNFzoJ8RDFag==
expires
Thu, 14 Dec 2023 13:30:06 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 4E26 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=818052&cmp=DV140326&sid=TTD&plc=dispview&advid=818053&adsrv=163&btreg=&btadsrv=&dvtagver=6.1.src&DVP_TTD_1=gq8jr5m&DVP_TTD_2=v5n5yy2&DVP_TTD_3=hf6rued&DVP_TTD_4=5pv3g52&DVP_TTD_6=openx&DVP_HAS_VIEW=1&rtsurl=https%3A%2F%2Finsight.adsrvr.org%2Fenduser%2Fdv%2F%3Frtb%3DdD0xJmlpZD0yZWQxMGRiMi00YmQxLTRjZjItOTI1YS0zNTFjOTE4YTMzYzMmY3JpZD15ZGhuM3gwaCZ3cD0ke0FVQ1RJT05fUFJJQ0U6T1hDUllQVH0mYWlkPTEmd3BjPVVTRCZzZmU9MTdiMjgxYWMmcHVpZD05MDY5M2I2Yy0yNmNkLTc1YmYtZTUxYS03NGY1ODcxZWVkNzUmdGRpZD1kZTI2MTM1NS00NzY5LTRjOWUtOTBmNi1kOWRlOTY5ODUwNzkmcGlkPWdxOGpyNW0mYWc9aGY2cnVlZCZhZHY9djVuNXl5MiZicD0xLjM1MTQ4OCZjZj01Njk1NjcwJmZxPTAmdGRfcz13d3cudGhlZ3VhcmRpYW4uY29tJnJjYXRzPXkyOSx2OHQmbXN0ZT10aGVndWFyZGlhbi5jb20mbWZsZD00Jm1zc2k9Jm1mc2k9JnVob3c9MTA0JmFnc2E9JnJnej0xMDAxMyZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz0wMSZtbGFuZz0mc3ZwaWQ9NTM5OTk3MDA1JmRpZD1PWC1YUFQtZzRsQW42JnJjeHQ9T3RoZXImbGF0PTQwLjc1ODkxMSZsb249LTczLjk3OTAxOSZ0bXBjPS0wLjEzOTk5OTk5OTk5OTk4NjM2JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9JmJmZmk9NDEmbWs9ZGVza3RvcCZtZGw9YnJvd3NlciZjPUNnMVZibWwwWldRZ1UzUmhkR1Z6RWdoT1pYY2dXVzl5YXhvRE5UQXhJZ2hPWlhjZ1dXOXlhemdCVUF0WUFvQUJBSWdCQVpBQkFiQUJBTG9CQlFpV1RCZ0l3QUhFOXdqQUFjOGF3QUc4NkFmUUFjVDNDSklDQ1RVMU56VTJOVEkyTk5nQ2lBN2dBb2dPLUFJQmdBTUJpQU1Ca0FNQm1BTURvQU1ndUFQUTBBVFFBd0RhQXdRSVVSZ0UmZHVyPUNqNEtJV05vWVhKblpTMXRZWGhFYjNWaWJHVldaWEpwWm5sQ2NtRnVaRk5oWm1WMGVTSVpDTnZfX19fX19fX19fd0VTREdSdmRXSnNaWFpsY21sbWVRby1DaUZqYUdGeVoyVXRZV3hzUkc5MVlteGxWbVZ5YVdaNVZtbGxkMkZpYVd4cGRIa2lHUWp3X19fX19fX19fXzhCRWd4a2IzVmliR1YyWlhKcFpua0tQd29pWTJoaGNtZGxMV0ZzYkVSdmRXSnNaVlpsY21sbWVVSnZkRUYyYjJsa1lXNWpaU0laQ09mX19fX19fX19fX3dFU0RHUnZkV0pzWlhabGNtbG1lUXBDQ2lWamFHRnlaMlV0YldGNFEyOXRjMk52Y21WZk0xQlFRVjlGZVdWdmRHRmZRM1Z6ZEc5dEloa0kxZkw1X19fX19fX19BUklNWTI5dGMyTnZjbVV0WTNSNENrOEtNR05vWVhKblpTMWhiR3hFYjNWaWJHVldaWEpwWm5sRWFYTndiR0Y1Vm1sbGQyRmlhV3hwZEhsVWNtRmphMmx1WnlJYkNMZl9fX19fX19fX193RVNER1IyTFhKbGNHOXlkR2x1WnlvQSZjcnJlbHI9JmFkcHQ9bm9weCZmcGE9NzIxJnBjbT0zJnZjPTMmc2FpZD04NTQ2NTY5Yy1mOGNiLTQ3YTktODJhNC0zZjM5MDAyY2ZhODEmaWN0PVVua25vd24mYXVjdD0xJnVzX3ByaXZhY3k9MVlOTiZpbT0xJm1jPWI2N2MzNjQzLTQ1YTktNDdmZi04NmZmLWU0MmJmZThjOTc4YSZhYnI9ODQ3MTg1NTgtYWJiZC00NTYyLWFmZDYtNmMzZDFjZjhlYTJhJnRhaWw9MSZzdj1vcGVueCZ0YWlsPTE.%26pie%3D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b677cd181c01dfb61199e7c5e3a82538d4dde1871363c845fc895e2fc8369996

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 10:38:55 GMT
Server
UploadServer
ETag
"950e4afb255670bde118e62ce487a088"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Thu, 14 Dec 2023 13:37:53 GMT
moatad.js
z.moatads.com/openxdisplay970503469688/ Frame 4E26 		337 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/openxdisplay970503469688/moatad.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.110.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-110-24.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
535b7a0cbfd2db5e7f845b4c974f3f9fe274421d8cba0ba1d2fe967420f1e00b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:16 GMT
server
AmazonS3
x-amz-request-id
FFQK79R2VK4Z7AZZ
etag
"a9f91090b4c4e585ca30e6e5f3d28c7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61261
accept-ranges
bytes
content-length
117061
x-amz-id-2
J6tVdk6EA0fw1ONvpPNRTt1I7+XEJgu1J+JTQ/vAKMxCwanCBRRNMIAc/DNj3GGNXoY39nFHlQc=
wp.gif
elb.the-ozone-project.com/ Frame 4E26 		0
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/wp.gif?currency=USD&seat_id=&request_id=98f93cbf-399a-411d-b81c-36db69d09616&adunit=dfp-ad--right&size=300x600&adomain=%5Bibm.com%5D&imp_id=308c50aeab9d80f&auction_id=&bid_id=04a93f1a-3075-4aa1-956c-9a30bb20462b&crid=ydhn3x0h&price=0.8065199999999999&seat_name=openx-0&publisher_id=OZONEGMG0001&dealid=OX-XPT-g4lAn6
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 14 Dec 2023 13:22:53 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8356c21a6ded1881-EWR
content-length
0
expires
Wed, 11 Nov 1998 11:11:11 GMT
prebid
ox-rtb-us-east4.openx.net/win/ Frame 4E26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-us-east4.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAfkcGApaQkdxUVR4WVROHBaiteL87YTsmYoBFq-N7L-ysOLP9AEAHBbCqqqHxsafqQkWqef9zejzspPVAQAW1obY1wwVBjgkNDNjNTA0MzUtOGY0YS00YTQ4LWJmY2MtYmMxZGUzMzlkZTg4SQwALBwVAgAcFQIAHBUCABwVAgAAHCagld6TBBUEFQQmws39ggQWms39ggQlAhUCprQNFrQNFrQNFpQKFpQKFpQKFpQKFp4PABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFpjamIAEFujP8oIEFq7-ooMEFvLP8oIEFRgcFLAJFNgEABUEJp4PFp4PFp4PETUOJp4PNAIALCwWreGl8-DY1Ln1ARb9lZj937Hg2_oBABbWhtjXDAYomNqYgAQW6M_yggQW8s_yggQWrv6igwQYCHlkaG4zeDBoFoBJFp4PJQQW6gEYBDYxNTIVAqEoAk9YDHoUIhQqACgDcnRiABw1BhgNT1gtWFBULWc0bEFuNhaUClwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWqL7WlQQWpr7WlQQAzBsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBHRydWUArDgHaWJtLmNvbQAAAA&ph=b3803ba0-aa74-4967-ba10-c1cb16f55ce8
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.113.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.113.95.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 google
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
openx
va6-bid.adsrvr.org/bid/feedback/ Frame 4E26 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://va6-bid.adsrvr.org/bid/feedback/openx?t=1&iid=2ed10db2-4bd1-4cf2-925a-351c918a33c3&crid=ydhn3x0h&wp=AAABjGh-iHKxgCVqfoBOOqPb6ElUCwVo6XTr5w&aid=1&wpc=USD&sfe=17b281ac&puid=90693b6c-26cd-75bf-e51a-74f5871eed75&tdid=de261355-4769-4c9e-90f6-d9de96985079&pid=gq8jr5m&ag=hf6rued&adv=v5n5yy2&sig=1Fv7rNyI0cBEmDYGDhzK1tCDBUwIgOPr3W1WUFLJ0w8k.&bp=1.351488&cf=5695670&fq=0&td_s=www.theguardian.com&rcats=y29,v8t&mste=theguardian.com&mfld=4&mssi=&mfsi=&uhow=104&agsa=&rgz=10013&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=539997005&did=OX-XPT-g4lAn6&rcxt=Other&lat=40.758911&lon=-73.979019&tmpc=-0.13999999999998636&daid=&vp=0&osi=&osv=&bffi=41&mk=desktop&mdl=browser&c=Cg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTAxIghOZXcgWW9yazgBUAtYAoABAIgBAZABAbABALoBBQiWTBgIwAHE9wjAAc8awAG86AfQAcT3CJICCTU1NzU2NTI2NNgCiA7gAogO-AIBgAMBiAMBkAMBmAMDoAMguAPQ0ATQAwDaAwQIURgE&dur=Cj4KIWNoYXJnZS1tYXhEb3VibGVWZXJpZnlCcmFuZFNhZmV0eSIZCNv__________wESDGRvdWJsZXZlcmlmeQo-CiFjaGFyZ2UtYWxsRG91YmxlVmVyaWZ5Vmlld2FiaWxpdHkiGQjw__________8BEgxkb3VibGV2ZXJpZnkKPwoiY2hhcmdlLWFsbERvdWJsZVZlcmlmeUJvdEF2b2lkYW5jZSIZCOf__________wESDGRvdWJsZXZlcmlmeQpCCiVjaGFyZ2UtbWF4Q29tc2NvcmVfM1BQQV9FeWVvdGFfQ3VzdG9tIhkI1fL5________ARIMY29tc2NvcmUtY3R4Ck8KMGNoYXJnZS1hbGxEb3VibGVWZXJpZnlEaXNwbGF5Vmlld2FiaWxpdHlUcmFja2luZyIbCLf__________wESDGR2LXJlcG9ydGluZyoA&durs=p6cShQ&crrelr=&adpt=nopx&fpa=721&pcm=3&vc=3&said=8546569c-f8cb-47a9-82a4-3f39002cfa81&ict=Unknown&auct=1&us_privacy=1YNN&im=1&mc=b67c3643-45a9-47ff-86ff-e42bfe8c978a&abr=84718558-abbd-4562-afd6-6c3d1cf8ea2a&tail=1
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.162.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E26 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:22:53 GMT
pixel
protected-by.clarium.io/ Frame 4E26 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_N29EZ2lUc3E4OFVTNHJyQkcwX054cGFma3JnL29wZW54OjMwMHg2MDA=&v=5&s=v31hhk7t342&id=eyJwcmViaWQiOnsiYWRJZCI6IjMwOGM1MGFlYWI5ZDgwZi0wLW96LTAiLCJjcG0iOjAuODA2NTE5OTk5OTk5OTk5OSwicyI6ImRmcC1hZC0tcmlnaHQiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOm96b25lO3lkaG4zeDBoIiwiYWRvbWFpbiI6ImlibS5jb20iLCJkc3AiOjExM30%3D&cb=87536&h=www.theguardian.com&d=eyJ3aCI6Ik4yOUVaMmxVYzNFNE9GVlROSEp5UWtjd1gwNTRjR0ZtYTNKbkwyOXdaVzU0T2pNd01IZzJNREE9Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsib3BlbngiXSwiaGJfc2l6ZSI6WyIzMDB4NjAwIl19fSwid3IiOjB9
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.36.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-36-234.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=5ea216e0-517c-eec5-bbd9-808772525f52&tv=%7Bc:wJNssy,pingTime:-2,time:557,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:101,beZ:103,mfA:389,cmA:391,inA:391,inZ:395,prA:396,prZ:446,si:455,poA:456,poZ:489,cmZ:489,mfZ:489,loA:499,loZ:502,ltA:657,ltZ:657,mdA:103,mdZ:295%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:550.310,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN,newUser:true,dateCreated:2023-12-14T13:22:50.727Z,gpcEnabled:false%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:550,h:310,t:352%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:557,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:352,wc:0.0.1600.1200,ac:446.1342.550.310,am:i,cc:446.1342.550.310,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B265~0%5D,as:%5B265~550.310%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tYq4Yy9+11%7C12%7C13%7C14%7C1511%7C15121%7C15122%7C1513%7C1514%7C1515%7C1516%7C1517%7C15181%7C15182%7C1519%7C16%7C17%7C18%7C19%7C1a*.10249%7C1a1%7C1a2,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:354,slid:%5Bgoogle_ads_iframe_/59666047/theguardian.com/world/article/ng_0,google_ads_iframe_/59666047/theguardian.com/world/article/ng_0__container__,dfp-ad--inline1,maincontent%5D,sinceFw:201,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:43b2:9ac0:b6a1:39c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
93 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600070-LCY, cache-lga21955-LGA
server
nginx
x-timer
S1702560173.246334,VS0,VE83
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
c55ffe16d6beaa774b5a7f47113a22cd69642dc0
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600028-LCY, cache-lga21955-LGA
server
nginx
x-timer
S1702560173.246448,VS0,VE87
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
c55ffe16d6beaa774b5a7f47113a22cd69642dc0
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
iframe_buster_200_260.js
s0.2mdn.net/879366/ Frame A0B4 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/iframe_buster_200_260.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27697
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 21:01:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Dec 2023 21:04:12 GMT
truncated
/ Frame A0B4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f0e518110ff1a2ac91e0f40f99b7bb57554cc13e94a12f29bd6c46b6495fcea

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sync
capi.connatix.com/core/ Frame A2DD
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0583396299e814ee9e08bfd54eba2fbe9dee5aee3ce01f683e4a5b68c8bc9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21bcc8e0f3b-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21b5c2e0f3b-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
story
capi.connatix.com/core/ Frame A2DD 		319 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=397463&ab=1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2c5c89de988c79731bfbe97bec7440875994bf99aabb74d3faf0a91ba8ed2

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21b5c2c0f3b-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2948649201027807&bg=!tLelt_jNAAY3kmNgF5I7ADQBe5WfOCv-BK4M83QjtkvQn7iwMgEMHXn8wOBK9vEBYc_65lGno2_mzU-nFQrCQ-t8ZrZPAgAAATlSAAAABGgBBwoABMWBHwuZAwUgruLyF4TCibPto64pIWsf5g6VxdQqqKfWKfG3cIVv2smAJY1C4w0sLiCDNdQ9tY4rB87MlJaTxNuD4FOekS6LQ5tHNhOfAoGra6trn3q0OBStw4-h8PMGDvFwIhr4bwwiYS-yXVNqcgkv1LLRwzocFHpBRjMFyWa-fePm0JKwbYROolgdsHmCdPeLREMropZCqWj4_9qDV0xutvOVWcTyuXHLO7S029OCD232fp4lvHAugLjIq6zJh7_9bnAcir486Yo32UPRCXijv56m2gWEZOg4g_YnIWPgwOA8ixVW3_IZJUPNFzIZRrOt08hrF2OEX1INAUYHasgTctIRuqYPiVI7PzqAPO3i_RSzZVim5pJsfCTUOGdmY_K9GdVnGu8hANvK_QXOQ-GwK1Zb2RLYZbxAwsBon1EunF8AIV2orTNb0EZ4x-WbLRCO_ClIiUIeVCor8A7hd7vJsVm2YiCiOk78f7a8Z98FkK5n50aFzB9uXx3vwLSHN-WIIcaqEOvMQZ7y2mBW71FUsHfIcRiEMgGP9BCUxWk03uNjUNOKvDgMsdS8YmLtqx200y5cKZdRNfxamXBsH40MbJrMU6jmcBfFuGUiIfUW-NpoLwNDW0s60sSFtubVIr3-d-EIrMS1H5DGFaodHdsvrGovfh5qsY-VXJu5GKKQYaEHGGX4-SNxyGAQqB6najg0fnSg-3EygJ43sJmAfs3OZcutUFWV641D2UAdrQ7CT-L5_B2uCQzImpmT_nhzYnbdSZkqbZg4gqowdBeGJmiKJ5GGIYIYukgheAtrxc4NIuE0PHgkw-bH0XhlPnqTclHGkpncG6rSuqftZJVctb_4yX28cGamDTETARzKWkhMBZNwYFiU3UyIgYi26gShJZ_mXGOJCAtGLgsP_7a2HzWTZGfNUjxn6Zd3zC8unn0bw4sGEuHteIRtmmShiToXOC68ay36Swk4i0OSZgO0MQIDAiLPOVqFX3irRo5uxJa8rbNsoL_gT-_w5p4iEdvStKumnU-UkqdlNcuRJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame A4C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
16b1965919373fecd13455a5aeb9278934d63073fb07a1b5479c93a6eaf4889f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:22:52 GMT
server
Kestrel
server-processing-duration-in-ticks
1960394
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.145.js
static.criteo.net/js/ld/ 		98 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.145.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-18615"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 13:22:53 GMT
dvbs_src_internal125.js
cdn.doubleverify.com/ Frame 4E26 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c1389825145451a1581f79b2b7afd5922778ce7fae8a435321dc7cc1c705eb4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:33:44 GMT
Server
UploadServer
ETag
"b6a2d08c7f9e0733b73b27e064dc7aa0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32706
Expires
Fri, 13 Dec 2024 13:22:53 GMT
verify.js
rtb0.doubleverify.com/ Frame 4E26 		443 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_890135508997&jsTagObjCallback=__tagObject_callback_890135508997&num=6&ctx=589953&cmp=169568&plc=413e405&sid=edcbd7ed316741c&advid=&adsrv=&unit=300x600&isdvvid=&uid=890135508997&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&ppid=102&audeal=OX-XPT-g4lAn6&auevent=2ed10db2-4bd1-4cf2-925a-351c918a33c3&auadv=v5n5yy2&aucmp=5pv3g52&aucrtv=ydhn3x0h&pltfrm=539997005&aufilter1=gq8jr5m&autt=1&c1=gq8jr5m&c2=hf6rued&c3=openx&c4=dv-51003938&c5=www.theguardian.com&c6=po63bkh&turl=www.theguardian.com%2fworld%2f2023%2fdec%2f11%2fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=2&prr=1&m1=13&noc=4&fcifrms=12&brh=2&fwc=2&fcl=521&flt=0&fec=913&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE968F2C5%3A2%3F%5D4%40%3ETauH%40C%3D5Taua_abTau564Tau%60%60Tau7%40C865%5C5%404F%3E6%3FED%5C9%40H%5CF%3CC2%3A%3F%3A2%3F%5C8C2%3A%3F%5C%3E2J%5C36%5C6%3FC%3A49%3A%3F8%5CAFE%3A%3FD%5C4%3AC4%3D6U2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE968F2C5%3A2%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE968F2C5%3A2%3F%5D4%40%3EU42%3FFC%3D9EEADTbpTauTauHHH%5DE968F2C5%3A2%3F%5D4%40%3ETauH%40C%3D5Taua_abTau564Tau%60%60Tau7%40C865%5C5%404F%3E6%3FED%5C9%40H%5CF%3CC2%3A%3F%3A2%3F%5C8C2%3A%3F%5C%3E2J%5C36%5C6%3FC%3A49%3A%3F8%5CAFE%3A%3FD%5C4%3AC4%3D6&dvp_exetime=13.60&callbackName=__verify_callback_890135508997
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
5067e99790cce7ccec59d19beb3bdf0610003f8b4effe7738ed7e7f249d1383c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:53 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
12/13/2023 13:22:53
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10249&sessionId:a76dfaec-1969-4cae-448e-27a80d77965e&err:responsetime%3A109%26probability%3A10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.78.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-78-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
nginx
x-server-name
app42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62153750_6c4f203878fe7b3feaad2805422a2d13_creative_def.js
s0.2mdn.net/ads/richmedia/studio/creative/62108353/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/creative/62108353/62153750_6c4f203878fe7b3feaad2805422a2d13_creative_def.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0642b73160450089f5a5363ff92d696f5d3b4a64d8eaf8d96619ae0d2b1561fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1530
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 10:49:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 11:04:57 GMT
html_floating_rendering_lib_200_260.js
s0.2mdn.net/879366/ 		189 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_floating_rendering_lib_200_260.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab17be372bef91eb0e542a362ad0781ec3ad8e31bbcc606dafbbd38f6e618d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 09:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66975
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 21:01:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 09:04:58 GMT
sid
mug.criteo.com/ Frame A4C9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=JcqwZHxWUG1raW1ZS2RVT1NienVtOUc5ckJVVXh3eHFjTjVqV3Y5emNrK1VFczh4dWQzWEE4NGhuOEdYNnZHb1hLWkd0Qk1RdC9weGlwZ2lSUWtTTGcrWVYyRUxPcThoTXU3SG5lZ1B4aTJwblRXbnYxVmJKTmlQY3lVTm...
438 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JcqwZHxWUG1raW1ZS2RVT1NienVtOUc5ckJVVXh3eHFjTjVqV3Y5emNrK1VFczh4dWQzWEE4NGhuOEdYNnZHb1hLWkd0Qk1RdC9weGlwZ2lSUWtTTGcrWVYyRUxPcThoTXU3SG5lZ1B4aTJwblRXbnYxVmJKTmlQY3lVTm5LQ3ZaenB5dGFybW9Tc2tyaHRkck1DNnBhU2tvRTMwMTEvbnJ5cGcwZDhFMStJVWdpZkpFeXlTNngzTklYNjRPZFoyalBzd2Y0U25XUVBrRWJJQURlbnNxZXliVXpYUzRBamZ6SVBWVEJZVFpnV0F1clZiSHYvd2N3QkxveFk4ZmxYclVjUUdVZ3VSaHMxUWNPNDhZNUUxenNiZVJVRHBvUWVuSjl3bUl5Q1F2ajROMlJYRT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e8cb0292ed3a3f2d4382308771165764fe738e8ce3a1fd45f193fb535dda1f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1248900
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=JcqwZHxWUG1raW1ZS2RVT1NienVtOUc5ckJVVXh3eHFjTjVqV3Y5emNrK1VFczh4dWQzWEE4NGhuOEdYNnZHb1hLWkd0Qk1RdC9weGlwZ2lSUWtTTGcrWVYyRUxPcThoTXU3SG5lZ1B4aTJwblRXbnYxVmJKTmlQY3lVTm5LQ3ZaenB5dGFybW9Tc2tyaHRkck1DNnBhU2tvRTMwMTEvbnJ5cGcwZDhFMStJVWdpZkpFeXlTNngzTklYNjRPZFoyalBzd2Y0U25XUVBrRWJJQURlbnNxZXliVXpYUzRBamZ6SVBWVEJZVFpnV0F1clZiSHYvd2N3QkxveFk4ZmxYclVjUUdVZ3VSaHMxUWNPNDhZNUUxenNiZVJVRHBvUWVuSjl3bUl5Q1F2ajROMlJYRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
318499
content-length
0
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=5ea216e0-517c-eec5-bbd9-808772525f52&tv=%7Bc:wJNsw5,time:776,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:776,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:352,wc:0.0.1600.1200,ac:446.1342.550.310,am:i,cc:446.1342.550.310,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B484~0%5D,as:%5B484~550.310%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:75,fm:tYq4Yy9+11%7C12%7C13%7C14%7C1511%7C15121%7C15122%7C1513%7C1514%7C1515%7C1516%7C1517%7C15181%7C15182%7C1519%7C16%7C17%7C18%7C19%7C1a*.10249%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:354,sis:580%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:43b2:9ac0:b6a1:39c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
survey190118.html
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame E47B 		913 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_floating_rendering_lib_200_260.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7c877d99de88d1191c44385c76d8a7165de72da9126c9ac8b8dfee948d5251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
510
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:22:53 GMT
expires
Fri, 15 Dec 2023 13:22:53 GMT
last-modified
Tue, 31 May 2022 16:02:42 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj90c8h2RvsvSjY1VuQGqzrAWZy-DY9SWysvPRuFgyn15VDcCAeP-WhJqYgSyFPyk6ykoihvsfIC6MqYUrgaKfv1kpII9_WPBt31RQHVpGJOthIuk6RiHfVTuP_niungYf2dTKx5ZpEFJfMiBo3W0BdbLUB5jArD3pt3rml5Mn_KGqLx_Cd6k8ihWyRN4QMQleW9VKjUYIk8WySa6iq8qfEAfTbYfh0P0NufCtLKhS_4zRyLBJpaZJctIVJbFuca3HcvIBCn5fKELePzIoXZRDr4jc_O9i-i4Zwiaa1e4g6yplZgo_vEFKUY1fGJyZVATIRIwHuvFoN9vI0pLq0T2AmQeIvCPdkajN4ApBXUd0cgJt2uPwp_INiSCmcbtlHJS6_Ag&sai=AMfl-YThfJbcrfB_7F0eAgR2rqLiBSWEjkqQ-q-3tIDR8Fi_WNsbaTIdy6BGwlyQ53J6Hcm6FKlQIKzKj7Tq6_3_-Ej6kGA7lWj611XzOrXY2Rd2fXc_GyNmB29GCX4M5Q&sig=Cg0ArKJSzHYaUcIyxsFoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
insights.bin
ins.connatix.com/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/cd8c3bb3-8a3c-41d3-9f9a-f31b1423ea67/ Frame A2DD 		792 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/cd8c3bb3-8a3c-41d3-9f9a-f31b1423ea67/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498e7260d21d1b9ccc2d4e00f27a9852c066978712e91191fa9d8de7a12310cd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Dec 2023 12:31:12 GMT
server
cloudflare
etag
W/"4db5fd457747e94f23f9c76dcd23d1bc"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
8356c21d3a854331-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 13 Dec 2024 13:22:53 GMT
blockedDomains_1.bin
lit.connatix.com/08d7f5c8-0e77-43a0-8f82-a0e3b21a8414/ Frame A2DD 		13 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d7f5c8-0e77-43a0-8f82-a0e3b21a8414/blockedDomains_1.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadf2fdd0fcb02dd08b4160905bc3fa1fdaaef1e145ddf28ef8074f6fd1dca5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
x-amz-version-id
null
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
13
last-modified
Tue, 29 Aug 2023 13:59:34 GMT
server
cloudflare
etag
"1e1210c1fb09dc80c1dfdfdf15061bf9"
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
accept-ranges
bytes
cf-ray
8356c21d391a1869-EWR
expires
Fri, 13 Dec 2024 13:22:53 GMT
insights.bin
ins.connatix.com/d000bee06253858acfa3c946284cf265/ Frame A2DD 		468 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/d000bee06253858acfa3c946284cf265/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2959a5ab1fc0a80f53c3fbaff679b571b507634b321234070b38c93df622d004

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 11:17:08 GMT
server
cloudflare
etag
W/"031aebba7c778fa0f13271436913d019"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
8356c21d3a834331-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 13 Dec 2024 13:22:53 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0
  • https://cks.connatix.com/cks?pid=17&ev=4235b744549846ab93810afb46e7b692&pname=Index&api-tier=1&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
139 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=4235b744549846ab93810afb46e7b692&pname=Index&api-tier=1&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c3fb29e267003bd5112a42450f3d525f62ad4f8ec8e4199ec4955763d61e25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae4f0f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnrYCK603RoJyVLukMhhsMwQtiBqo7TcwivSPj0JjnFuzQppSRJ3GdZs9PjGen8f6gKDvI1xm0JGWl%2Bi1THNi%2FMaz5m%2BS%2FDdmWyWkAMkYrpZKwdI2L9BcslR2orYqruy9L%2FumFVP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=4235b744549846ab93810afb46e7b692&pname=Index&api-tier=1&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
cache-control
no-cache
cf-ray
8356c21d0bb68c15-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=4235b744549846ab93810afb46e7b692&pname=Beeswax&api-tier=1&uid=AACbNU7K9gMAABLqgtK56w&gdpr=0
132 B
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=4235b744549846ab93810afb46e7b692&pname=Beeswax&api-tier=1&uid=AACbNU7K9gMAABLqgtK56w&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fdeaea05eed185b472f02c7a859e2031456638ea8748d5c2d62bd033a1e8ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae580f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=4235b744549846ab93810afb46e7b692&pname=Beeswax&api-tier=1&uid=AACbNU7K9gMAABLqgtK56w&gdpr=0
Date
Thu, 14 Dec 2023 13:22:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=a8eab6db-f103-457f-bed9-4e45a07b3671&ttl=1705152173
146 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=a8eab6db-f103-457f-bed9-4e45a07b3671&ttl=1705152173
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d39965c81e016d83b6b373b30b1f259d4aed6d79d3cdfd99fd9f8858a2b319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae4c0f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=a8eab6db-f103-457f-bed9-4e45a07b3671&ttl=1705152173
date
Thu, 14 Dec 2023 13:22:53 GMT
server
Kestrel
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DAmobee%26api-tier%3D1%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=4235b744549846ab93810afb46e7b692&pname=Amobee&api-tier=1&uid=3775486543021645614
129 B
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=4235b744549846ab93810afb46e7b692&pname=Amobee&api-tier=1&uid=3775486543021645614
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466d775c3996c8b1412163ecd9f35a9659ea329d68e73e471b0e6ea64b7bee92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae4e0f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=4235b744549846ab93810afb46e7b692&pname=Amobee&api-tier=1&uid=3775486543021645614
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=25&ev=4235b744549846ab93810afb46e7b692&pname=TripleLift&api-tier=1&uid=119942835268329456868
131 B
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=4235b744549846ab93810afb46e7b692&pname=TripleLift&api-tier=1&uid=119942835268329456868
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d6816ac95711958c94634e74d15a13e2a783ae5351f961a93a8498b59c4391

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae4d0f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=4235b744549846ab93810afb46e7b692&pname=TripleLift&api-tier=1&uid=119942835268329456868
date
Thu, 14 Dec 2023 13:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DAppNexus%26api-tier%3D1%26uid%3D%24UID=&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=4235b744549846ab93810afb46e7b692&pname=AppNexus&api-tier=1&uid=7124857179851734154=&gdpr=0
129 B
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=4235b744549846ab93810afb46e7b692&pname=AppNexus&api-tier=1&uid=7124857179851734154=&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca44740e44f520ac56fe6f6f8ebd49c76dc191caf5ec4b45344552ef94f2bbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae520f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
an-x-request-uuid
c7ab609b-98df-4afa-babc-a7c8479fcfc9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=4235b744549846ab93810afb46e7b692&pname=AppNexus&api-tier=1&uid=7124857179851734154=&gdpr=0
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=171665592
  • https://sync.1rx.io/usersync/tradedesk/a8eab6db-f103-457f-bed9-4e45a07b3671
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-005%26pI...
  • https://capi.connatix.com/us/pixel?puid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&pId=44
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&pId=44
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8356c21efed02395-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&pId=44
date
Thu, 14 Dec 2023 13:22:53 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX102ccb588ace429b80ca7458bce78d64005
content-type
text/html
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null
  • https://capi.connatix.com/us/pixel?puid=7387344376717378074&pId=40&gdpr=0&gdpr_consent=
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=7387344376717378074&pId=40&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8356c21e4e6c2395-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=7387344376717378074&pId=40&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:53 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame A23B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
281 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/402.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 13:22:53 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 13:22:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
server
AkamaiGHost
/
hde.tynt.com/deb/ Frame 06F2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_3...
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/402.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1711
content-type
text/html
date
Thu, 14 Dec 2023 13:22:52 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 14 Dec 2023 13:22:53 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E04C 		16 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3DPubmatic%26tier%3D1%26DemandPartnerUserId%3D&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/402.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161227
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 13:22:53 GMT
expires
Sat, 16 Dec 2023 10:10:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DPulsePoint%26api-tier%3D1%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=4235b744549846ab93810afb46e7b692&pname=PulsePoint&api-tier=1&uid=9sqhxA1ot6tb
122 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=4235b744549846ab93810afb46e7b692&pname=PulsePoint&api-tier=1&uid=9sqhxA1ot6tb
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77827c58f8457e83a4a59cc44385e1e2bb45a2fcfdba8cb0c6ef90f9d5640bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae500f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cks.connatix.com/cks?pid=13&ev=4235b744549846ab93810afb46e7b692&pname=PulsePoint&api-tier=1&uid=9sqhxA1ot6tb
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-qg448
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCrimtan%26api-tier%3D1%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=4235b744549846ab93810afb46e7b692&pname=Crimtan&api-tier=1&uid=5859e26ff7e74a5abd461b1685eb82c5
142 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=4235b744549846ab93810afb46e7b692&pname=Crimtan&api-tier=1&uid=5859e26ff7e74a5abd461b1685eb82c5
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe277335a22e94911e9aa863ab0b353ce0d2f86f61157aba823aa2e87b44176b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae570f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=4235b744549846ab93810afb46e7b692&pname=Crimtan&api-tier=1&uid=5859e26ff7e74a5abd461b1685eb82c5
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DLoopMe%26api-tier%3D1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=4235b744549846ab93810afb46e7b692&pname=LoopMe&api-tier=1&uid=80a24722-2b89-421d-85a3-ae506458ad51&pubid=11186&gdpr=0
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=4235b744549846ab93810afb46e7b692&pname=LoopMe&api-tier=1&uid=80a24722-2b89-421d-85a3-ae506458ad51&pubid=11186&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba164d29edaa769c27058950325993f0d98d1906f30c391f49215d27b1b6dc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21f0e6f4326-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=4235b744549846ab93810afb46e7b692&pname=LoopMe&api-tier=1&uid=80a24722-2b89-421d-85a3-ae506458ad51&pubid=11186&gdpr=0
date
Thu, 14 Dec 2023 13:22:53 GMT
server
_
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DCentro%26api-tier%3D1%26uid%3...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D4235b74...
  • https://cks.connatix.com/cks?pid=9&ev=4235b744549846ab93810afb46e7b692&pname=Centro&api-tier=1&uid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0
159 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=4235b744549846ab93810afb46e7b692&pname=Centro&api-tier=1&uid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7581713c707c3b7ebb99449c3c6b3987ecc54a67cd50c9a0de5474a9851c347a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21f3ea44326-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Dec 2023 13:22:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cks.connatix.com/cks?pid=9&ev=4235b744549846ab93810afb46e7b692&pname=Centro&api-tier=1&uid=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DYieldMo%26api-tier%3D1%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=4235b744549846ab93810afb46e7b692&pname=YieldMo&api-tier=1&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0
130 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=4235b744549846ab93810afb46e7b692&pname=YieldMo&api-tier=1&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b1b771ce803e15c41a2f1e304ae045e7959cd2c90a432099ca79ab66fa35aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae530f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=4235b744549846ab93810afb46e7b692&pname=YieldMo&api-tier=1&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=4235b744549846ab93810afb46e7b692&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=4235b744549846ab93810afb46e7b692&pname=Telaria&api-tier=1&uid=5386f09ab60942b0bf03901dd195331f
141 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=4235b744549846ab93810afb46e7b692&pname=Telaria&api-tier=1&uid=5386f09ab60942b0bf03901dd195331f
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b86416cb76d67743689e818c5a10791995ddc42898f9e6bc0164dcb08e8443

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21e4daf4326-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=4235b744549846ab93810afb46e7b692&pname=Telaria&api-tier=1&uid=5386f09ab60942b0bf03901dd195331f
date
Thu, 14 Dec 2023 13:22:53 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd6d9b85d016104917a3743e822f3a37&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd6d9b85d016104917a3743e822f3a37&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21d9dfa2395-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd6d9b85d016104917a3743e822f3a37&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702560173573075-156
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2FDF 		738 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d4235b744549846ab93810afb46e7b692%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/402.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
content-length
738
content-type
text/html
date
Thu, 14 Dec 2023 13:22:53 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync.min.js
tags.crwdcntrl.net/lt/c/17331/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:57:40 GMT
content-encoding
gzip
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 16:12:35 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
1514
etag
W/"24dc2bbea0cff17e96e133440043ddb8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
IsQoIKpasAY8zoSaaaB_RTPn0jdhQsjYDEj7tRqFoQIpc7crOqsIIg==
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=4235b744549846ab93810afb46e7b692&pname=SundaySky&api-tier=1&uid=d6.251ff9da82e243168276034676d00250
144 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=4235b744549846ab93810afb46e7b692&pname=SundaySky&api-tier=1&uid=d6.251ff9da82e243168276034676d00250
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a01d18f4dabb33b45461cfb7f0a51b709ebec1f2eec81fd3702bf59ada376f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21ede4e4326-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=4235b744549846ab93810afb46e7b692&pname=SundaySky&api-tier=1&uid=d6.251ff9da82e243168276034676d00250
date
Thu, 14 Dec 2023 13:22:53 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DResetDigital%26api-tier%3D1%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=4235b744549846ab93810afb46e7b692&pname=ResetDigital&api-tier=1&uid=0000012266C77743
126 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=4235b744549846ab93810afb46e7b692&pname=ResetDigital&api-tier=1&uid=0000012266C77743
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28083ad830d5e89eb9a3cac1a2d720f570e31f88615431a2b0b812787d692242

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae540f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=4235b744549846ab93810afb46e7b692&pname=ResetDigital&api-tier=1&uid=0000012266C77743
date
Thu, 14 Dec 2023 13:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DSonobi%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=4235b744549846ab93810afb46e7b692&pname=Sonobi&api-tier=1&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=4235b744549846ab93810afb46e7b692&pname=Sonobi&api-tier=1&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f4e117bfb268b55154ee18408566ea1c05525b30eba1370f360d7d52bd0776

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae550f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=4235b744549846ab93810afb46e7b692&pname=Sonobi&api-tier=1&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d4235b744549846ab93810afb46e7b692%26pname%3...
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0&gdpr_consent=null
146 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0&gdpr_consent=null
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7612110c48f5cb56d11ce57bfba4a7f85fb4a3861b9e6aec6b674ead5e78d590

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21dae560f3b-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0&gdpr_consent=null
date
Thu, 14 Dec 2023 13:22:53 GMT
content-length
0
psync
xsync.iqzone.com/ 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D4235b74454984...
  • https://cks.connatix.com/cks?pid=29&ev=4235b744549846ab93810afb46e7b692&pname=Adelphic&api-tier=1&uid=935250ca-a545-48f5-9af9-b2e5e5320cdf
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=4235b744549846ab93810afb46e7b692&pname=Adelphic&api-tier=1&uid=935250ca-a545-48f5-9af9-b2e5e5320cdf
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a714f258753b7a09ae84dd3bf9507add8a29df7fb721f676bcd6a3ad1989c0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21e5dc94326-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=4235b744549846ab93810afb46e7b692&pname=Adelphic&api-tier=1&uid=935250ca-a545-48f5-9af9-b2e5e5320cdf
Date
Thu, 14 Dec 2023 13:22:53 GMT
Connection
keep-alive
X-CI-RTID
b7020521-c701-404d-9264-52e2f2d3b426
Content-Length
177
Content-Type
text/html; charset=utf-8
us
capi.connatix.com/core/ Frame A2DD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d4235b744...
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=4235b744549846ab93810afb46e7b692&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=508bb4d3-1c11-0707-2bc2-817996d42e10
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=8&UserId=4235b744549846ab93810afb46e7b692&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=508bb4d3-1c11-0707-2bc2-817996d42e10
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8356c21d4d792395-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://capi.connatix.com/core/us?DemandPartner=8&UserId=4235b744549846ab93810afb46e7b692&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=508bb4d3-1c11-0707-2bc2-817996d42e10
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame A2DD 		0
0
712202.gif
id.rlcdn.com/ Frame A2DD 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712202.gif?cparams=4235b744549846ab93810afb46e7b692&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
report
capi.connatix.com/us/google/ Frame A2DD
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NDIzNWI3NDQ1NDk4NDZhYjkzODEwYWZiNDZlN2I2OTI&extra1=4235b744549846ab93810afb46e7b692&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
  • https://capi.connatix.com/us/google/report?extra1=4235b744549846ab93810afb46e7b692&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/google/report?extra1=4235b744549846ab93810afb46e7b692&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8356c21e0e432395-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://capi.connatix.com/us/google/report?extra1=4235b744549846ab93810afb46e7b692&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/ Frame A2DD
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=4235b744549846ab93810afb46e7b692&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D4235b744549846ab93810afb46e7b692...
  • https://cks.connatix.com/cks?pid=34&ev=4235b744549846ab93810afb46e7b692&pname=Colossus&api-tier=1&uid=f3253eeb-da02-4471-8b96-2801d8188624
0
0
style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame E47B 		698 B
350 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f0c4b39d863ac2ca20e15b9ee2a177c5fea8e6b61c5065470c150a7280d39f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 11:04:59 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame E47B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Dec 2023 20:46:08 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.9.3/ Frame E47B 		89 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.9.3/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26490
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-165b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYKJPUH5qS%2F3KDtMnhGeA%2FL600u7maO9FlPNRPbTNwyob0C7VfpjUExpbsrfZzvv8oK1lkvdaXdFd5iGJUxTQzQ%2BN5uJPZdAOhxWogNpn3w5fACanqgpLKBFDEiKkYm%2BFPEd8%2Ff0b%2BYyQuZFzQSrd3X7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8356c21d4e144369-EWR
expires
Tue, 03 Dec 2024 13:22:53 GMT
GuardianSurvey_DC.js
s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/ Frame E47B 		656 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/GuardianSurvey_DC.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62108353/20220531090242782/survey_22/survey190118.html?e=69&leftOffset=0&topOffset=0&c=bY7tdsNN9u&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
last-modified
Tue, 31 May 2022 16:02:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 11:04:59 GMT
cookie
cm.adform.net/ Frame 2FDF 		0
0
cksync.php
contextual.media.net/ Frame 2FDF 		57 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d4235b744549846ab93810afb46e7b692%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:22:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 14 Dec 2023 13:22:53 GMT
us
capi.connatix.com/core/ Frame 2FDF
Redirect Chain
  • https://cks.connatix.com/cks?pid=24&ev=4235b744549846ab93810afb46e7b692&pname=IronSource&api-tier=1&uid=IBg4oAn-Cp_s&direct=1
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=IBg4oAn-Cp_s&UserId=&tier=1
0
0
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 4E26 		0
0
unit_renderer.php
as.jivox.com/unit/ Frame 4E26 		0
0
usync.js
eus.rubiconproject.com/ Frame A23B 		46 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:54:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81088
Connection
keep-alive
Content-Length
13232
Expires
Fri, 15 Dec 2023 11:54:21 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A2DD 		43 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=4235b744549846ab93810afb46e7b692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:f400:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
zpUFfrNK8o5F-JeRWIKTMQhaT6LnQHK1m-2He4kteoDgPhtQZwkkxQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A2DD
Redirect Chain
  • https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=4235b744549846ab93810afb46e7b692
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3775486543021645614
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
addffd9bac0c33d0b0847fc7366cd8639b5f71158773a8bff474f8d48b64431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29094
x-xss-protection
0
server
cafe
etag
633 / 19705 / 31080057 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:22:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A2DD 		0
0
cd8c3bb3-8a3c-41d3-9f9a-f31b1423ea67.bin
vid.connatix.com/pid-e1539617-5658-4d5f-b352-91258ead02d1/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/ Frame A2DD 		0
0
fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/ Frame 7B26 		0
0
/
onetag-sys.com/usync/ Frame 44C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d4235b744549846ab93810afb46e7b692%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
activeview
pagead2.googlesyndication.com/pcs/ Frame 5EFF 		0
0
iev
csm.va.us.criteo.net/ Frame A4C9 		0
0
connatix.omsdk.service-web-1.4.9.js
cds.connatix.com/p/plugins/ 		0
0
connatix.omsdk.session.client-1.4.9.js
cds.connatix.com/p/plugins/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.9.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0a84d43913f46215e1da913b01e7774e2a352056e8d6bfb49fe05eb550f4f9

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 14 Dec 2023 13:22:53 GMT
x-amz-version-id
Eq9aEfSq9rV68Xsb_6_4vUUQri5Qtb5I
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 13:21:41 GMT
server
cloudflare
etag
W/"7a2b67d291194120bdb151db914943e7"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8356c21ec916c448-EWR
access-control-allow-headers
range
expires
Fri, 13 Dec 2024 13:22:53 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.94.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-94-68.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b464761105661d7112fdeade9f9c6b8ab64ff68044de5e9a81e13cd2eeca1953

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
x-server
10.40.61.205
access-control-allow-credentials
true
content-length
235
expires
0
isync
visitor.omnitagjs.com/visitor/ Frame 0CE8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
95d03ed67a6bd4ef80ad450f24341d931c35ba97920a266cdb12b188b3fda431
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1645
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:22:54 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
3
sync
eb2.3lift.com/ Frame 0E60 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c0da3f5dc9897d38decf5bff94b3c306fb265095b2c7f5be53a8800162dc5a9c

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC66 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161226
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 13:22:54 GMT
expires
Sat, 16 Dec 2023 10:10:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame D376 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ccd5fb78b793c860b190121c8d4496bc376d68817e7f75e4be647b072ff56d

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8356c2253ede1881-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:54 GMT
expires
0
last-modified
Thu, 14 Dec 2023 09:39:57 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0E37 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
774
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8356c227f8584257-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:22:55 GMT
expires
Thu, 14 Dec 2023 17:22:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a8eab6db-f103-457f-bed9-4e45a07b3671&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a8eab6db-f103-457f-bed9-4e45a07b3671&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=a8eab6db-f103-457f-bed9-4e45a07b3671&dongle=0cfd&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:54 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE5OTQyODM1MjY4MzI5NDU2ODY4
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEnSqun3J6VIdM0J_pTbNAI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEnSqun3J6VIdM0J_pTbNAI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEnSqun3J6VIdM0J_pTbNAI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E60
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE5OTQyODM1MjY4MzI5NDU2ODY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE5OTQyODM1MjY4MzI5NDU2ODY4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE5OTQyODM1MjY4MzI5NDU2ODY4
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 0E60 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=119942835268329456868&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:54 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FA7E080639644953896DFF54A46B1436 Ref B: EWR30EDGE0710 Ref C: 2023-12-14T13:22:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMeC5vnUsDuGBMEzA8FQ==
xuid
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/119942835268329456868?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-MOMsR_pE2oRJymcaZvd5VHMMYfzJ.zqw2RBmKBr1WA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MOMsR_pE2oRJymcaZvd5VHMMYfzJ.zqw2RBmKBr1WA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 14 Dec 2023 13:22:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MOMsR_pE2oRJymcaZvd5VHMMYfzJ.zqw2RBmKBr1WA--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=119942835268329456868&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=61447524-3c78-4a5c-8342-ce68ffc0279d&ssp=triplelift&expires=30&user_group=5&bsw_param=dae20180-897d-4967-862d-184aeca4dd29
  • https://eb2.3lift.com/xuid?mid=2409&xuid=dae20180-897d-4967-862d-184aeca4dd29&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=dae20180-897d-4967-862d-184aeca4dd29&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=dae20180-897d-4967-862d-184aeca4dd29&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 14 Dec 2023 13:22:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=32b239a0-ab2d-4809-b73e-d37dda384a87&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=32b239a0-ab2d-4809-b73e-d37dda384a87&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=32b239a0-ab2d-4809-b73e-d37dda384a87&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1170210
content-length
0
expires
Thu, 14 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0E60
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7124857179851734154&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7124857179851734154&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
an-x-request-uuid
fe40ea11-0bd0-486e-8530-e688a3355ed3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=7124857179851734154&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 0E60 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=119942835268329456868
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
an-x-request-uuid
b8690bda-9435-40bc-9882-412d29b80818
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame D376 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8356c2258f7743d6-EWR
cookie_sync
elb.the-ozone-project.com/ Frame D376 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c734b36bcaf51d353da1e63321d1a5e9fc293745d05edc0b8a15482b8c1d1d5a

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8356c2258f251881-EWR
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame FC66 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36402102&p=157206&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
582447baaf731c15588f4584c185e3c710314be317fb363ef60788d9e0fdc550

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 14 Dec 2023 13:22:54 GMT
content-length
2029
content-type
text/html; charset=UTF-8
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gd...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
an-x-request-uuid
54f0158c-420e-42c3-ab1d-eca2e45466b6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
an-x-request-uuid
5aea9ce9-43f3-4d5d-85f3-f9c787ffb096
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-TIhsrUhE2pkk.5ArNYDiR0iFsIUZigaBn35rOA--~A&expires=5&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=dae20180-897d-4967-862d-184aeca4dd29&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=dae20180-897d-4967-862d-184aeca4dd29&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=dae20180-897d-4967-862d-184aeca4dd29&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Thu, 14 Dec 2023 13:22:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame 0CE8 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=3b3e3207d8c8f45667463a6f4b472952
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.225.14 , United States, ASN (),
Reverse DNS
server-18-239-225-14.mia3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 a6a774e7ecfee1b1064e4dfb82b3086c.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MIA3-P8
x-amz-cf-id
qMpAUDfOK2mS04NTc-k76Z3EDG4YrOBRCotDH-Stnq_K14iwyzG09A==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT, Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=a8eab6db-f103-457f-bed9-4e45a07b3671&name=THE_TRADE_DESK
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=a8eab6db-f103-457f-bed9-4e45a07b3671&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=a8eab6db-f103-457f-bed9-4e45a07b3671&name=THE_TRADE_DESK
date
Thu, 14 Dec 2023 13:22:54 GMT
server
Kestrel
content-length
319
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De770...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=b864874dd1a0265506a17c2418360a89&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=b864874dd1a0265506a17c2418360a89&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
14
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=b864874dd1a0265506a17c2418360a89&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
8356c2261e86429b-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACbNU7K9gMAABLqgtK56w&name=BEESWAX
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACbNU7K9gMAABLqgtK56w&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACbNU7K9gMAABLqgtK56w&name=BEESWAX
Date
Thu, 14 Dec 2023 13:22:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
225
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=80a24722-2b89-421d-85a3-ae506458ad51%20&gdpr_consent=null&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=80a24722-2b89-421d-85a3-ae506458ad51%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=80a24722-2b89-421d-85a3-ae506458ad51 &gdpr_consent=null&gdpr=0
date
Thu, 14 Dec 2023 13:22:55 GMT
server
_
content-length
0
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=MF_DK0ca-rYwg9tzmgTO&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3775486543021645614&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
25
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ea220400de7a0f604f49a7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ea220400de7a0f604f49a7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ea220400de7a0f604f49a7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Thu, 14 Dec 2023 13:22:55 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98$ip$5.181.234.133&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98$ip$5.181.234.133&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98$ip$5.181.234.133&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Thu, 14 Dec 2023 13:22:54 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0CE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=bc8f40ee16e34a29bed3d140d1dec4b2&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=bc8f40ee16e34a29bed3d140d1dec4b2&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:56 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Thu, 14 Dec 2023 13:22:55 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=bc8f40ee16e34a29bed3d140d1dec4b2&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=ccb9bdcf-0efa-535c-84ef-2ea4e1942f0b&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=ccb9bdcf-0efa-535c-84ef-2ea4e1942f0b&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=ccb9bdcf-0efa-535c-84ef-2ea4e1942f0b&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
ap.lijit.com/ Frame 0CE8 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 14 Dec 2023 13:22:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNT...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=9a252594-fdfa-439d-b059-48e22fba9d97&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=9a252594-fdfa-439d-b059-48e22fba9d97&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=9a252594-fdfa-439d-b059-48e22fba9d97&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0CE8
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=a735f9cd-a79a-42c4-96d6-06cd1f5df56a&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=a735f9cd-a79a-42c4-96d6-06cd1f5df56a&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:49 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=a735f9cd-a79a-42c4-96d6-06cd1f5df56a&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame 0CE8 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usync.html
eus.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 13:22:55 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 13:22:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 13:22:55 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 13:22:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 8F9B 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 13:22:55 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 13:22:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
de.tynt.com/deb/ Frame 3D51
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
c4194612af08eaab32d729c64ddb664bdf3f071543de3f54e1763095fa802c64

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2206
content-type
text/html
date
Thu, 14 Dec 2023 13:22:54 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 13:22:54 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8340000A
sync
ssbsync.smartadserver.com/api/ Frame 5C81 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
b4a0d8f313f50b66b27884637e505ac21cc083506b3c72b06f3e2faffe40b7b2

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1097
content-type
text/html
date
Thu, 14 Dec 2023 13:22:54 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame A6A3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYk5VN0s5Z01BQUJMcWd0SzU2dw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AACbNU7K9gMAABLqgtK56w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AACbNU7K9gMAABLqgtK56w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACbNU7K9gMAABLqgtK56w&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACbNU7K9gMAABLqgtK56w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7387344376717378074&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACbNU7K9gMAABLqgtK56w&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 14 Dec 2023 13:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 14 Dec 2023 13:22:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 1F76
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7124857179851734154&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
49 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 14 Dec 2023 13:22:55 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
11

Redirect headers

content-length
220
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:54 GMT
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
141
match.deepintent.com/usersync/ Frame 0844 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 14 Dec 2023 13:22:54 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 3EC5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXsBrwAG4O4N7wBU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 14 Dec 2023 13:22:55 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21921-LGA
x-timer
S1702560175.090704,VS0,VE7

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 14 Dec 2023 13:22:55 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXsBrwAG4O4N7wBU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21921-LGA
x-timer
S1702560175.065186,VS0,VE8
Pug
simage2.pubmatic.com/AdServer/ Frame A306
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JIqtCSKO-w0_j_xTKoa3DSDd-Qo_2ahddowin3wa
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79ee1b5-2031-41e8-900b-1a554427a5d8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79ee1b5-2031-41e8-900b-1a554427a5d8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 14 Dec 2023 13:22:55 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79ee1b5-2031-41e8-900b-1a554427a5d8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
insync
thrtle.com/ Frame FC66
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&vxii_pid=12&vxii_pid1=10067&vxii_rcid=524743a8-65d3-4645-8b2f-65b01a847ec9
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&vxii_pid=12&vxii_pid1=10067&vxii_rcid=524743a8-65d3-4645-8b2f-65b01a847ec9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
44.197.22.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-22-251.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 14 Dec 2023 13:22:55 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&vxii_pid=12&vxii_pid1=10067&vxii_rcid=524743a8-65d3-4645-8b2f-65b01a847ec9
date
Thu, 14 Dec 2023 13:22:55 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame FC66 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame FC66 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.25.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-25-64.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame FC66 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.18.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-18-3.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 14 Dec 2023 13:22:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC66
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1bf3939c87cb241d&is_secure=true&networkId=17100&version=1&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB0F2ktG-tsAN-IM9-AAAAAAA&expiration=1702646575&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&...
42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB0F2ktG-tsAN-IM9-AAAAAAA&expiration=1702646575&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB0F2ktG-tsAN-IM9-AAAAAAA&expiration=1702646575&nuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC66
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=935250ca-a545-48f5-9af9-b2e5e5320cdf&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5023303428203664878
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5023303428203664878
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5023303428203664878
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame FC66
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10DAE562F_1FED0DF4&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-385564975; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:54 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-385564975; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame FC66 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.58.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-58-192.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC66
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6038002063729600366
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6038002063729600366
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6038002063729600366
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7124857179851734154
0
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7124857179851734154
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c2261fa51881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
an-x-request-uuid
d9bbb9e9-1792-43d4-96fa-8dec5bb65d40
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7124857179851734154
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3584 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
54d7fc75d8c7e54b6b34d014e063d4f915fee3601d9351fa7028ec0f1f2b729f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:54:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81086
Connection
keep-alive
Content-Length
13232
Expires
Fri, 15 Dec 2023 11:54:21 GMT
usync.js
eus.rubiconproject.com/ Frame 080A 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
54d7fc75d8c7e54b6b34d014e063d4f915fee3601d9351fa7028ec0f1f2b729f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:54:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81086
Connection
keep-alive
Content-Length
13232
Expires
Fri, 15 Dec 2023 11:54:21 GMT
usync.js
eus.rubiconproject.com/ Frame C6E9 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
54d7fc75d8c7e54b6b34d014e063d4f915fee3601d9351fa7028ec0f1f2b729f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 11:54:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81086
Connection
keep-alive
Content-Length
13232
Expires
Fri, 15 Dec 2023 11:54:21 GMT
khaos.json
token.rubiconproject.com/ Frame 3584 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQ58D8TE-Z-KF35
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
14f2833af82feb4c3bb41319cabc6617
Expires
0
cm
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702560175029.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
85d38ac3a282923f07d5f681a7fbf77a90007c74786ba7347fa2c7fe5af9dc00

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
703
content-type
text/html
date
Thu, 14 Dec 2023 13:22:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 13:22:54 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP012
x-33x-status
40000000008200000A
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 3D51
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1702560175029.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212257090824875&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212257090824875&gdpr=0&gdpr_consent=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212257090824875&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 3D51
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1705152175%26external_user_id%3Da8eab6db-f103-457f-bed9-4e45a07b3671
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1705152175&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1705152175&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1705152175&external_user_id=a8eab6db-f103-457f-bed9-4e45a07b3671
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3D51
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702560175029.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGndnsk51mpWBLZ%2FN29Wme5XVdGyx15J0lFw8eixNgpVfGtWND0XWlvpvMFv0KQO6NFrvRYkfPRiSuamirU47Zma1B8ER4l5b5%2Bm%2FxKQPofLVx5CdTTASnU93m6Em4TqJR%2BwVGq8ooKi7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
cache-control
no-cache
cf-ray
8356c2267b170f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
match
events-ssc.33across.com/ Frame 3D51
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3D51
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=2w51-qyfWF5reWb4xqKsmAW16oU
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=2w51-qyfWF5reWb4xqKsmAW16oU&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=2w51-qyfWF5reWb4xqKsmAW16oU&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=2w51-qyfWF5reWb4xqKsmAW16oU&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3D51
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702560175029.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7124857179851734154
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7124857179851734154
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
an-x-request-uuid
59c5031a-bc5c-455b-9946-51d7ccdd0763
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7124857179851734154
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 080A 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQ58D8TE-Z-KF35
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
14f2833af82feb4c3bb41319cabc6617
Expires
0
khaos.json
token.rubiconproject.com/ Frame C6E9 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQ58D8TE-Z-KF35
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 3584
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQ58D8TE-Z-KF35
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&loc=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[UID]
  • https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
0
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c2269ffd1881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-137
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=4f1de70f-98b5-4f31-a55d-78f855a57328
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 5C81 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=7387344376717378074&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 5C81
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ea22040002f8105aa07fdc&gdpr=0&gdpr_consent=
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ea22040002f8105aa07fdc&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
135.148.2.56 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-135-148-2.us
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ea22040002f8105aa07fdc&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:55 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5C81
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM4NzM0NDM3NjcxNzM3ODA3NA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM4NzM0NDM3NjcxNzM3ODA3NA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM4NzM0NDM3NjcxNzM3ODA3NA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 5C81
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6966150491777740634&gdpr=0&gdpr_consent=
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6966150491777740634&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
135.148.2.56 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-135-148-2.us
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6966150491777740634&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
wt.rqtrk.eu/ Frame 5C81
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=7387344376717378074&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=7387344376717378074&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
15.235.42.104 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-003.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Thu, 14 Dec 2023 13:22:54 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=7387344376717378074&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
match
events-ssc.33across.com/ Frame EFDC 		68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=eadac81a-6b06-0a07-09e4-2d95080bd731
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=833ff091-e7f7-06a6-1346-b904e66d4b5f&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZXsBrOGIX1XokO07UVDFE6G7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZXsBrOGIX1XokO07UVDFE6G7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 14 Dec 2023 13:22:55 GMT
server
Aorta/20231212.88a94bacf
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZXsBrOGIX1XokO07UVDFE6G7
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
68112109a39c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame EFDC
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Q-dOSBwLg8aDp27y0UZ_1A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=935250ca-a545-48f5-9af9-b2e5e5320cdf
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=935250ca-a545-48f5-9af9-b2e5e5320cdf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=935250ca-a545-48f5-9af9-b2e5e5320cdf
Date
Thu, 14 Dec 2023 13:22:55 GMT
Connection
keep-alive
X-CI-RTID
cad26d0b-f790-46dc-b86e-323b77b6a875
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame EFDC 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=9acfb788-ee8a-076f-2f32-ba9331d38462
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame EFDC 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b27547fd-6de7-00a1-36f4-e34f95fcb107
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame EFDC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=c977bb12-78ca-0c88-3aaa-a2b63bc424b6
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c977bb12-78ca-0c88-3aaa-a2b63bc424b6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c977bb12-78ca-0c88-3aaa-a2b63bc424b6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 14 Dec 2023 13:22:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c977bb12-78ca-0c88-3aaa-a2b63bc424b6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7124857179851734154
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7124857179851734154
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
an-x-request-uuid
e2d0b2da-84ed-4585-ab90-f04004869bd7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7124857179851734154
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3775486543021645614&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3775486543021645614&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3775486543021645614&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame EFDC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXsBrwAG4O4N7wBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXsBrwAG4O4N7wBU
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-lga21921-LGA
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702560175.188893,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXsBrwAG4O4N7wBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%...
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c226e8351881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=e4b9e599-0e6d-4b26-a94e-0df2a75efc8e&gdpr=0
date
Thu, 14 Dec 2023 13:22:55 GMT
content-length
0
pixel
capi.connatix.com/us/ Frame 3584
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQ58D8TE-Z-KF35&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQ58D8TE-Z-KF35&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8356c2272c4d2395-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LQ58D8TE-Z-KF35&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 3584
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
an-x-request-uuid
974432ab-e88a-44fa-895b-bcd25e24ddbb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 3584
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ58D8TE-Z-KF35&gdpr=0
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ58D8TE-Z-KF35&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 3584
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ58D8TE-Z-KF35&gdpr=0
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6464563808578484187
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6464563808578484187
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6464563808578484187
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2w51-qyfWF5reWb4xqKsmAW16oU
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2w51-qyfWF5reWb4xqKsmAW16oU
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2w51-qyfWF5reWb4xqKsmAW16oU
Date
Thu, 14 Dec 2023 13:22:55 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=a735f9cd-a79a-42c4-96d6-06cd1f5df56a
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=a735f9cd-a79a-42c4-96d6-06cd1f5df56a
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:48 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=a735f9cd-a79a-42c4-96d6-06cd1f5df56a
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=32b239a0-ab2d-4809-b73e-d37dda384a87&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=32b239a0-ab2d-4809-b73e-d37dda384a87&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=32b239a0-ab2d-4809-b73e-d37dda384a87&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
798052
content-length
0
expires
Thu, 14 Dec 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3775486543021645614&expires=60&gdpr=0&gdpr_consent=
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3775486543021645614&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3775486543021645614&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7124857179851734154&expires=30&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7124857179851734154&expires=30&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
an-x-request-uuid
bda42e3c-6ef7-4b47-8ffd-473f8d919a3d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7124857179851734154&expires=30&gdpr=0
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2013%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=822783911
  • https://sync.1rx.io/usersync3/mediamathtest/2013/8616657b-01af-4e00-8f0f-56f36e2239ec?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-102ccb58-8ace-42...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
date
Thu, 14 Dec 2023 13:22:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX102ccb588ace429b80ca7458bce78d64005
content-type
text/html
esync
token.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://id.rlcdn.com/709414.gif?gdpr=0
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&expires=360&gdpr=0&gdpr_consent=
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
events-ssc.33across.com/ Frame 3584
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQ58D8TE-Z-KF35&gdpr=0
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ58D8TE-Z-KF35&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ58D8TE-Z-KF35&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ58D8TE-Z-KF35&ts=1702560175&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
tap.php
pixel.rubiconproject.com/ Frame 3584
Redirect Chain
  • https://match.deepintent.com/usersync/143?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_0017631c80754d2ab5c95
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_0017631c80754d2ab5c95
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_0017631c80754d2ab5c95
date
Thu, 14 Dec 2023 13:22:54 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
setuid
s2s.t13.io/ Frame 3584
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
86 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0
  • https://sync.1rx.io/usersync/rubicon/LQ58D8TE-Z-KF35?gdpr=0
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-102ccb58-8ace-42...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&expires=30
date
Thu, 14 Dec 2023 13:22:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX102ccb588ace429b80ca7458bce78d64005
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ58D8TE-Z-KF35&obUid=&initiator=&gdpr=0
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ58D8TE-Z-KF35&obUid=&initiator=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:55 GMT
Cache-Control
no-cache
X-TraceId
da873dbe0fd7568fce9cec64910d86c2
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ58D8TE-Z-KF35&obUid=&initiator=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
60909
i6.liadm.com/s/ Frame 080A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096&gdpr=0
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ58D8TE-Z-KF35&gdpr=0
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ58D8TE-Z-KF35&gdpr=0
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:cd25:a651:9c8e:3acd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:55 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ58D8TE-Z-KF35&gdpr=0
Date
Thu, 14 Dec 2023 13:22:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
cs
cs.yellowblue.io/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35&gdpr=0
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ58D8TE-Z-KF35&gdpr=0
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.230.74.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-74-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-231-222.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ58D8TE-Z-KF35&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ58D8TE-Z-KF35&gdpr=0
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
52.206.176.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-176-4.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXsBrwAG4O4N7wBU&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXsBrwAG4O4N7wBU&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-lga21921-LGA
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702560175.223966,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXsBrwAG4O4N7wBU&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e4155534-9a83-11ee-b616-b78795e4e1b7&expires=60
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e4155534-9a83-11ee-b616-b78795e4e1b7&expires=60
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
Cowboy
content-type
image/gif
location
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e4155534-9a83-11ee-b616-b78795e4e1b7&expires=60
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7772916224FC42C8A0D6CD8EA9C90A5F&expires=365
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7772916224FC42C8A0D6CD8EA9C90A5F&expires=365
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7772916224FC42C8A0D6CD8EA9C90A5F&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 13 Dec 2023 13:22:55 GMT
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=BNPibioAZsNFnH1mmWFHNQ&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=3ae60d881339241d&is_secure=true&networkId=12783&version=1&nuid=BNPibioAZsNFnH1mmWFHNQ&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAB0F2ktG-tsgNPaKOEAAAAAAA&expiration=1702646575&nuid=BNPibioAZsNFnH1mmWFHNQ&is_secure=true&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAB0F2ktG-tsgNPaKOEAAAAAAA&expiration=1702646575&nuid=BNPibioAZsNFnH1mmWFHNQ&is_secure=true&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAB0F2ktG-tsgNPaKOEAAAAAAA&expiration=1702646575&nuid=BNPibioAZsNFnH1mmWFHNQ&is_secure=true&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=12406&nid=2540&put=657B01ACC5F8B7699371AF6CBLIS&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=12406&nid=2540&put=657B01ACC5F8B7699371AF6CBLIS&expires=30
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=12406&nid=2540&put=657B01ACC5F8B7699371AF6CBLIS&expires=30
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ58D8TE-Z-KF35&gdpr=0
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
135.148.2.56 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-135-148-2.us
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
setuid
prebid-s2s.media.net/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet&gdpr=0
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
86 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
content-encoding
gzip
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
Rubicon
crb.kargo.com/api/v1/dsync/ Frame 080A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864&gdpr=0
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ58D8TE-Z-KF35&gdpr=0
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
44.198.25.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-25-64.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 080A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=9sqhxA1ot6tb&ev=1&pid=560687&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=9sqhxA1ot6tb&ev=1&pid=560687&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=9sqhxA1ot6tb&ev=1&pid=560687&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-qg448
expires
-1
i.match
s.tribalfusion.com/z/ Frame C6E9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8356c227ec4842f1-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
626
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8356c2275b8c42f1-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame C6E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ58D8TE-Z-KF35&gdpr=0
0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7312440271109945492&expires=730&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7312440271109945492&expires=730&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7312440271109945492&expires=730&gdpr=0
Date
Thu, 14 Dec 2023 13:22:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
ads.yieldmo.com/ Frame C6E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQ58D8TE-Z-KF35&gdpr=0
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
44.216.234.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-234-174.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
sync
usr.undertone.com/userPixel/ Frame C6E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
0
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.162.3.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-25.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
content-length
0
x-amz-cf-id
UMdxOVKXTt8L67E_NMN_6wXj3CqSeo8dwmWykDx3FHG585ZpPH2BiA==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=864661978466&expires=30&us_privacy=1---
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=864661978466&expires=30&us_privacy=1---
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=864661978466&expires=30&us_privacy=1---
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=MF_DK0ca-rYwg9tzmgTO&gdpr=0
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=MF_DK0ca-rYwg9tzmgTO&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=MF_DK0ca-rYwg9tzmgTO&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10DAE562F_1FED0DF4&expires=60
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10DAE562F_1FED0DF4&expires=60
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10DAE562F_1FED0DF4&expires=60
Date
Thu, 14 Dec 2023 13:22:55 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-385564975; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
227
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=8_PRzPX3h8jo9oCW_f_LyPekhc_ooNSYofUVx81j
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=8_PRzPX3h8jo9oCW_f_LyPekhc_ooNSYofUVx81j
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=8_PRzPX3h8jo9oCW_f_LyPekhc_ooNSYofUVx81j
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
e.serverbid.com/ Frame C6E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856&gdpr=0
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ58D8TE-Z-KF35&gdpr=0
35 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://eus.rubiconproject.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
/
csync.loopme.me/ Frame C6E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme&gdpr=0
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ58D8TE-Z-KF35&gdpr=0
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
35.214.138.188 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
188.138.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
server
_

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://csync.loopme.me/?partner_id=1441&vt=&uid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame C6E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon&gdpr=0
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ58D8TE-Z-KF35&gdpr=0
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
2606:ae80:1471:1c::2100 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
image/gif
cache-control
no-cache
content-length
43
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=370cc22f-cf69-401b-bdaa-5ae126186c01
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=370cc22f-cf69-401b-bdaa-5ae126186c01
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=370cc22f-cf69-401b-bdaa-5ae126186c01
Date
Thu, 14 Dec 2023 13:22:55 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=87&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=7387344376717378074&gdpr=0&gdpr_consent=
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=7387344376717378074&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=7387344376717378074&gdpr=0&gdpr_consent=
date
Thu, 14 Dec 2023 13:22:54 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame C6E9
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncRubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_e3eff050-9a83-11ee-b183-121a6d1d7927&expires=1825
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_e3eff050-9a83-11ee-b183-121a6d1d7927&expires=1825
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_e3eff050-9a83-11ee-b183-121a6d1d7927&expires=1825
date
Thu, 14 Dec 2023 13:22:55 GMT
content-type
text/plain
getuid
sync.smartadserver.com/ Frame C6E9
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]&gdpr=0
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Server
135.148.2.56 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-135-148-2.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dmed...
  • https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3455617720813374000V10
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3455617720813374000V10
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c22919e91881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 14 Dec 2023 13:22:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://elb.the-ozone-project.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3455617720813374000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 14 Dec 2023 13:22:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FBC3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d63f1f37aa8938a46b6244133ac428f0bef4145993d42f8d7a7f73a8c1b3920

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8356c2281c840f41-EWR
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 13:22:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uThoNiVvTKTtRbv45BNt5IL3FPkPfMgrPc0LL2hqEAFuxDVjidsiUicAnYLyfy6krYRJzzCf33Qcy%2FKrEVGFax8NI8Vmpts99pSazmYSmX7TqDT5XUPMeBKxlFgk74PCq%2BjrrclbZxId4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FBC3 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXsBrLkpbmgLgq_N6q8TEAAABTQAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:66d2:da85:8248:ed74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7124857179851734154
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7124857179851734154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6abrBhh0nECq5s9gqXte2dgRsW1flknSwiAvdvnEFu8%2FZKmTw5ZdBQPil4SXhGT9UwEYGPTKFbMc8TZkc8f8Z5kSPo8d53%2BKco%2F4yd8ccX1P%2FK2iHMhPVVGHv3KVPvvTwwKdWBGdaQfdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2286cbc0f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
an-x-request-uuid
08eba902-5b0f-4fa8-aab9-33009031a5e6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7124857179851734154
x-proxy-origin
5.181.234.133; 5.181.234.133; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACbNU7K9gMAABLqgtK56w&expiration=1703769775
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACbNU7K9gMAABLqgtK56w&expiration=1703769775
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1r5uQ14u2MqfBzih1XejJqjNfVDQQUrCRkcnmrF%2BdgOsIOMHMzRkcTyWObnET31Nv%2Bp%2Bm5c4Hi70y4B3pOURl%2FEDxC2qLdhlLPv5X%2BKWVjbMhUvLh%2BVVno6U%2Bi2WFIGGy2qV5U84%2B%2Ft4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2286cb60f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACbNU7K9gMAABLqgtK56w&expiration=1703769775
Date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Rt_OnEDbmJhd2p_GSNPUmEKImp9djMvIFNkn0SFA
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Rt_OnEDbmJhd2p_GSNPUmEKImp9djMvIFNkn0SFA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6JUICEd4ElmNriGgVfWP09kuHmxYm0lnXKeyBnBGEqNOPq0aOld1bTgQlsO1b1eipx%2F62vdf73QZNhBpZ0R9h8We8rSOmYdAndvJNO6q79lJYdur0TzAGRAk7LBGyTiXH6NZFeJnCM2kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2286cb70f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Rt_OnEDbmJhd2p_GSNPUmEKImp9djMvIFNkn0SFA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=546081868503611178&expiration=1703769769
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=546081868503611178&expiration=1703769769
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeAOpc4IlpHCcjWkH%2BK6bjXasjo8nzuFEijynsswW%2Bx0jUUmrPqE9I1AAoQJ9IDL365DgUBJxNPaLbh%2BFSzDTDKKq0x2qRSIbmqB2H9TtPuMPOu9tAwajiQZ78gcAzettEX9%2BUSrJtmtHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c229ee190f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=546081868503611178&expiration=1703769769
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dae20180-897d-4967-862d-184aeca4dd29&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=50144256947007183211867252614357196588&pt=00ba3ccf-955c-46a4-a4eb-2f0bfe118f49%2Chttps%253A%252F%252Fx.bidswitch.net%252Fs...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=dae20180-897d-4967-862d-184aeca4dd29
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZf3Spw4HYTuwaf%2BUMcCdGit%2BHcpsP57eFiwmYMqaQlgc2Dll5qiT9alo2kaZbOktYwZcvbAXenchwgLtYnzt7ZQyh8w7lT9aPopycU3%2Fd4v%2BTejP4B4NHe9pt5zHqNxHuop%2Fy3g"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2292d870f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 14 Dec 2023 13:22:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3978200c-b893-457a-bcc4-bbc39cf6e216&expiration=1734182575
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3978200c-b893-457a-bcc4-bbc39cf6e216&expiration=1734182575
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNIttHb0q%2B60bmTExhnTRQkIz0%2BxH20cWXLQdLF5dAg5eWj6GJzsleBg9K9O9sWNMlf3fd4TrWk4Yn14%2Fts8Ah9FZE7Q%2BxTR2%2BG9I%2FIpgnJ%2Bk1YTrZc9UPoFrgwg%2BZzylRoV7blwBkfTyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c228acf80f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3978200c-b893-457a-bcc4-bbc39cf6e216&expiration=1734182575
Date
Thu, 14 Dec 2023 13:22:55 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame FBC3
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=5859e26ff7e74a5abd461b1685eb82c5&expiration=1705152175
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=5859e26ff7e74a5abd461b1685eb82c5&expiration=1705152175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSd9%2FPyA8Gq1%2F3T0dO1kGk0tJLMekoM%2BFWzocop9%2FQBu0EaNK6xHD9uL0AA1%2Bpd%2FRdB6RYG8al%2Fx%2FcHQx%2F0NzvrsDA4fxfyPyMcpKClhpIe506P5abhGcuFIzzQmzgUvSdnb4hmYUW%2BgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8356c2288cd90f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=5859e26ff7e74a5abd461b1685eb82c5&expiration=1705152175
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame FBC3 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fworld%2F2023%2Fdec%2F11%2Fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
7605
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8356c22858d54257-EWR
content-length
43
expires
Fri, 15 Dec 2023 13:22:55 GMT
pbs-user-sync
ads.stickyadstv.com/ Frame 6F04 		354 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
e91ad6f3253b9d5b5a4584630b96830a38ce944284464a13a257edd3ab59bbfd

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Date
Thu, 14 Dec 2023 13:22:55 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1702560175562036-255
user-registering
ads.stickyadstv.com/ Frame 81B8
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=bd6d9b85d016104917a3743e822f3a37&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume914a_7313579709520749416&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a8eab6db-f103-457f-bed9-4e45a07b3671&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACbNU7K9gMAABLqgtK56w&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/bd6d9b85d016104917a3743e822f3a37?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-xFBc.MdE2oM7yrOZf.vZF2VHI2SPQc01jfLAfrVQ~A
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmQ2ZDliODVkMDE2MTA0OTE3YTM3NDNlODIyZjNhMzc=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELX6jpEEiNw4b71TuvlBdRU&google_cver=1&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=5qefavUm1RdLG05&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7124857179851734154&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=3689d91e-b12c-4aef-8922-534aedc7ad33
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=3825571&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=935250ca-a545-48f5-9af9-b2e5e5320cdf
0
0
setuid
elb.the-ozone-project.com/ Frame ABE6 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=bd6d9b85d016104917a3743e822f3a37
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8356c2298a2d1881-EWR
content-length
0
date
Thu, 14 Dec 2023 13:22:55 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=546081868503611178
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=546081868503611178
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c22e4e721881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=546081868503611178
date
Thu, 14 Dec 2023 13:22:56 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_priv...
  • https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
0
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23148cf1881-EWR
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:22:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
178
Expires
Thu, 01 Dec 1994 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_pri...
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_pri...
  • https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3edc116a-6db0-4018-b127-1zz1702560168
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3edc116a-6db0-4018-b127-1zz1702560168
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23c59ac1881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3edc116a-6db0-4018-b127-1zz1702560168
date
Thu, 14 Dec 2023 13:22:48 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
SPug
simage4.pubmatic.com/AdServer/ Frame FC66 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157206&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame FC66 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12707571&p=157206&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7880671c90edb64973b62806daa999697e566cf3899f2db747c772c70ffe521e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:22:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame 3682 		43 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8356c2393dd942f1-EWR
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame BB29
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e4155534-9a83-11ee-b616-b78795e4e1b7
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e4155534-9a83-11ee-b616-b78795e4e1b7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 14 Dec 2023 13:22:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e4155534-9a83-11ee-b616-b78795e4e1b7
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
Pug
simage2.pubmatic.com/AdServer/ Frame F63B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Dec 2023 13:22:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame A1CB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5qefavUm1RdLG05&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5qefavUm1RdLG05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Dec 2023 13:22:57 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5qefavUm1RdLG05&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0a10dd62e034df3f5@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame BCEE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=3978200c-b893-457a-bcc4-bbc39cf6e216&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.51.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-51-202.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:22:58 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 14 Dec 2023 13:22:57 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 8D67
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314646804484354
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314646804484354
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 14 Dec 2023 13:22:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314646804484354
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame A112
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 13:22:57 GMT
expires
Thu, 14 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
3856516
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 4083 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame D9BE
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdf40ffcc56f0457bacc633de0ff751f9
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdf40ffcc56f0457bacc633de0ff751f9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdf40ffcc56f0457bacc633de0ff751f9
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame DE1F
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=864661978466
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=864661978466
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:22:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=864661978466
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame FC66 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-126.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:58 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
content-length
0
x-amz-cf-id
w7JG-EzwAc7dKeL9sEPZuuaiXqinSPtskNy2oeAzZVYD-VgfOnBByw==
x-cache
Error from cloudfront
362358.gif
idsync.rlcdn.com/ Frame FC66
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJKC3A0bk5soKHPcrOVsGlk&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJKC3A0bk5soKHPcrOVsGlk&google_cver=1
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:58 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJKC3A0bk5soKHPcrOVsGlk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B/gdpr=0/ Frame FC66 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B/gdpr=0/gdpr_consent=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.94.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-94-68.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.62.77
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FC66 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/10b566463059c4855741/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4ef9cb4cabe6655c921f9dd6ad5788b04d4e7a7e1a169ef3c08ab7a88d2819a3

Request headers

Referer
https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 13:22:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23ca9ef1881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ieTmK5Ecrz3JoEbgazwpJ1DtYUvQZvh3xUeY04lIDlOya29JBEgn9umODn0rNWb5gmZl3ml3Lr0HzES6KYO8XJ8eO4BRtBNexnB5UY%2FW90WjnfUMLkyHKhAf24AoBzZGUE%2F%2FKH3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXsBrLkpbmgLgq-N6q8TEAAA%261332
cache-control
no-cache
cf-ray
8356c23c8e530f41-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_con...
  • https://elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23d1a391881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
date
Thu, 14 Dec 2023 13:22:58 GMT
server
fasthttp
content-length
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FXR_emJE2uEqo14QqNHzWZDNqQb9jJKyG6wqE1A-~A&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FXR_emJE2uEqo14QqNHzWZDNqQb9jJKyG6wqE1A-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23d6a7b1881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FXR_emJE2uEqo14QqNHzWZDNqQb9jJKyG6wqE1A-~A&gdpr=0
date
Thu, 14 Dec 2023 13:22:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=cd1347e3-c502-4545-a8eb-66a3dc736273
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=cd1347e3-c502-4545-a8eb-66a3dc736273
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23daac51881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=cd1347e3-c502-4545-a8eb-66a3dc736273
access-control-allow-origin
*
date
Thu, 14 Dec 2023 13:22:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?uid=AACbNU7K9gMAABLqgtK56w&bidder=beeswax
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?uid=AACbNU7K9gMAABLqgtK56w&bidder=beeswax
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23deae91881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?uid=AACbNU7K9gMAABLqgtK56w&bidder=beeswax
Date
Thu, 14 Dec 2023 13:22:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_p...
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23e2b171881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3ziDXyyGGDyBeHHqB9Dm&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
/
onetag-sys.com/usync/ Frame F032 		2 KB
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
47242098432885ff6449fd864249bf66f83d665577c76d97d98873087d9f0168
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
793
content-type
text/html
strict-transport-security
max-age=15552000
setuid
elb.the-ozone-project.com/ Frame F032 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23e8b591881-EWR
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%2...
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=e45e91f7-80dc-e344-3f66-38dfed6c98f2&us_privacy=pbs-ozone
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=e45e91f7-80dc-e344-3f66-38dfed6c98f2&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23ecb9e1881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:58 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=e45e91f7-80dc-e344-3f66-38dfed6c98f2&us_privacy=pbs-ozone
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
152
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
x.bidswitch.net/ Frame D376
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=dae20180-897d-4967-862d-184aeca4dd29&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dozone%26user...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=ozone&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=437&ssp=ozone&user_id=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:22:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Thu, 14 Dec 2023 13:22:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://x.bidswitch.net/sync?dsp_id=437&ssp=ozone&user_id=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=a8eab6db-f103-457f-bed9-4e45a07b3671
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=a8eab6db-f103-457f-bed9-4e45a07b3671
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23f8c291881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=a8eab6db-f103-457f-bed9-4e45a07b3671
date
Thu, 14 Dec 2023 13:22:59 GMT
server
Kestrel
content-length
215
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H0eCePZHYKqpHbQzR42fHIsP
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H0eCePZHYKqpHbQzR42fHIsP
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c23fcc4f1881-EWR
content-length
0
expires
0

Redirect headers

Date
Thu, 14 Dec 2023 13:22:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H0eCePZHYKqpHbQzR42fHIsP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=a56f4bbb-0c12-0901-0e5f-e250830487e3
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=a56f4bbb-0c12-0901-0e5f-e250830487e3
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c2402c8e1881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=a56f4bbb-0c12-0901-0e5f-e250830487e3
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpb...
  • https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c2407cbf1881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=OPTOUT
pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
etag
OPTOUT
content-type
text/html
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c240ccf01881-EWR
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQ58D8TE-Z-KF35&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
  • https://ads.servenobid.com/sync?pid=312&uid=7124857179851734154&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&rndcb=8655447867
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadcon...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=bc8f40ee16e34a29bed3d140d1dec4b2&ssp=adconductor&bsw_param=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/dae20180-897d-4967-862d-184aeca4dd29?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-102ccb58-8ace-429b-80ca-7458bce78d64-00...
  • https://ads.servenobid.com/sync?pid=321&uid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-p...
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
  • https://ads.servenobid.com/sync?pid=317&uid=7387344376717378074&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
  • https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%...
  • https://ads.servenobid.com/sync?pid=353&uid=3455617720813374000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid...
  • https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%25...
  • https://ads.servenobid.com/sync?pid=310&uid=H0eCePZHYKqpHbQzR42fHIsP&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetu...
0
0
SPug
simage4.pubmatic.com/AdServer/ Frame FC66 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157206&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:22:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbs-iframe
pbs-cs.yellowblue.io/ Frame D830 		702 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6327b57b399830c9276d70f63c681b62f20322dcc12bda2abaf0a258d32fdb7a

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://elb.the-ozone-project.com/
content-length
702
content-type
text/html
date
Thu, 14 Dec 2023 13:23:00 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
cs
cs.yellowblue.io/ Frame D830
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$UID
  • https://cs.yellowblue.io/cs?aid=11606&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=546081868503611178
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11606&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=546081868503611178
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:23:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
24
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11606&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=546081868503611178
date
Thu, 14 Dec 2023 13:23:00 GMT
server
nginx
content-length
0
content-type
text/plain
cs
cs.yellowblue.io/ Frame D830
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
  • https://cs.yellowblue.io/cs?aid=11585&id=3455617720813374000V10
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11585&id=3455617720813374000V10
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
34.197.219.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-219-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:23:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 13:23:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cs.yellowblue.io/cs?aid=11585&id=3455617720813374000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 14 Dec 2023 13:23:00 GMT
setuid
elb.the-ozone-project.com/ Frame D830 		0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rise&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=IBg4oAn-Cp_s
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24669331881-EWR
content-length
0
expires
0
/
onetag-sys.com/usync/ Frame A904 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pbs-cs.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpb...
  • https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24a3c591881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=inmobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ID5-d3a1dRhRsfrVvuJwnIkOz0Y1U7F2Zf_ivOzzlxZc4g
date
Thu, 14 Dec 2023 13:23:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=dae20180-897d-4967-862d-184aeca4dd29
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=dae20180-897d-4967-862d-184aeca4dd29
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24abcbe1881-EWR
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=dae20180-897d-4967-862d-184aeca4dd29
Date
Thu, 14 Dec 2023 13:23:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7387344376717378074
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7387344376717378074
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24bad441881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7387344376717378074
date
Thu, 14 Dec 2023 13:23:00 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%...
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AQELOE5v663ewAIF9zgLAQEBAQE&expiration=1702646581
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AQELOE5v663ewAIF9zgLAQEBAQE&expiration=1702646581
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24c1d951881-EWR
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AQELOE5v663ewAIF9zgLAQEBAQE&expiration=1702646581
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-o...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5250%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D0a85c1a2-f77a-482f-b519-c344e05b647d%26bidder%...
  • https://prebid.a-mo.net/cchain/0/5250?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=0a85c1a2-f77a-482f-b519-c344e05b647d&bidder=appnexus&cbx=aHR0cHM6Ly9lbGIudGhlLW96b25lLXByb2plY3QuY29tL3NldHVpZ...
  • https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0a85c1a2-f77a-482f-b519-c344e05b647d
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0a85c1a2-f77a-482f-b519-c344e05b647d
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24c9de71881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0a85c1a2-f77a-482f-b519-c344e05b647d
date
Thu, 14 Dec 2023 13:23:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
setuid
elb.the-ozone-project.com/ Frame E7A2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212257090824875
0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212257090824875
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8356c24cee1a1881-EWR
content-length
0
date
Thu, 14 Dec 2023 13:23:01 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 13:23:01 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212257090824875
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000A
setuid
elb.the-ozone-project.com/ Frame D376
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=119942835268329456868
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=119942835268329456868
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
8356c24d5e651881-EWR
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=119942835268329456868
date
Thu, 14 Dec 2023 13:23:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5BA3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161219
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 13:23:01 GMT
expires
Sat, 16 Dec 2023 10:10:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 5BA3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92613457&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
699ccd961602dc8103dc1311b28b2b86f7705b54916598848c6d2d2fe81fa59f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 13:23:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 9C8F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=dae20180-897d-4967-862d-184aeca4dd29&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=zMdF8BAI_AxXcRp4ZaGS0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 03:32:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Dec 2023 13:23:01 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=dae20180-897d-4967-862d-184aeca4dd29&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C842
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 03:42:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 13:23:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 8B90
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8616657b-01af-4e00-8f0f-56f36e2239ec&gdpr=0&gdpr_consent=
42 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8616657b-01af-4e00-8f0f-56f36e2239ec&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:23:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:23:01 GMT
Expires
Thu, 14 Dec 2023 13:23:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x53 config_version:"3667"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8616657b-01af-4e00-8f0f-56f36e2239ec&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame D4C0
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zTIyQveBA8eDRC-WtQF7ZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zTIyQveBA8eDRC-WtQF7ZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:23:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:23:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zTIyQveBA8eDRC-WtQF7ZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame CDEF 		43 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Dec 2023 13:23:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 9FC5
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=1601502127
  • https://sync.1rx.io/usersync3/centro/1508/79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553?zcc=0&sspret=1&rndcb=1601502127
  • https://sync.targeting.unrulymedia.com/csync/RX-102ccb58-8ace-429b-80ca-7458bce78d64-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 03:44:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 14 Dec 2023 13:23:01 GMT
etag
RX102ccb588ace429b80ca7458bce78d64005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cookiesync
core.iprom.net/ Frame 8F80 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Dec 2023 13:23:01 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-af96553231b4@version_1.579
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame B5D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 14 Dec 2023 13:23:01 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame CF99
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7558465811446236429&uid=Q755846581144623...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7558465811446236429
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7558465811446236429
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Dec 2023 13:23:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=50732
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 14 Dec 2023 13:23:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7558465811446236429
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 552C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 13:22:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 14 Dec 2023 13:23:01 GMT
expires
Wed, 13 Dec 2023 13:23:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7772916224FC42C8A0D6CD8EA9C90A5F&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
elb.the-ozone-project.com/ Frame E26A 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8356c24dfec91881-EWR
content-length
0
date
Thu, 14 Dec 2023 13:23:01 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
/
bpi.rtactivate.com/tag/ Frame 5BA3 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.67.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-67-38.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:23:01 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
52164
i.liadm.com/s/ Frame 5BA3
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-xSmA-U1AbfJ2eIQDrgpC_1p1VL7m7tDswtqVdQ
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=6e526da7-62fa-44a3-835e-3b76e37652d4
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&gdpr=0&user_id=o3Ya5qVyTOK4c0u8rXoA4qchTuW4JR-y8XDmMON8
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dae20180-897d-4967-862d-184aeca4dd29
43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dae20180-897d-4967-862d-184aeca4dd29
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Server
107.21.52.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-52-231.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:23:01 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dae20180-897d-4967-862d-184aeca4dd29
Date
Thu, 14 Dec 2023 13:23:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 5BA3 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.94.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-94-68.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.54.227
content-length
49
expires
0
/
io.narrative.io/ Frame 5BA3
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
  • https://io.narrative.io/?io.narrative.guid.v2=e7c6c1e0-9a83-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=e7c6c1e0-9a83-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Server
54.156.158.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-158-209.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:23:01 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=e7c6c1e0-9a83-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Date
Thu, 14 Dec 2023 13:23:01 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
rum
elb.the-ozone-project.com/cdn-cgi/ Frame D376 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1702560171907&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 14 Dec 2023 13:23:02 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://elb.the-ozone-project.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8356c25229f91881-EWR
SPug
simage4.pubmatic.com/AdServer/ Frame 5BA3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:23:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 5BA3 		625 B
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77708773&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
139c8b3770d40c79c900930e9994fb307009f405e82887215a625fa1f7dd1fc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 14 Dec 2023 13:23:03 GMT
content-length
625
content-type
text/html; charset=UTF-8
setuid
elb.the-ozone-project.com/ Frame D4E4 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8356c2614ccc1881-EWR
content-length
0
date
Thu, 14 Dec 2023 13:23:04 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
p
a.audrte.com/ Frame 5BA3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWw5cW9SdjRwY2VTNmUxOU8xRG9OZ3JkZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=546081868503611178&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Server
34.251.97.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-97-118.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 13:23:05 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 14 Dec 2023 13:23:05 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 5BA3 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-79.yul62.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:04 GMT
via
1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
YUL62-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
YxlG6x9IH0FRyDgpSA7_k9msgnE50SNsbFdJetFFL37-tzP0JP55HA==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 5BA3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:23:04 GMT
Frontend-ID
11
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 13:23:04 GMT
Frontend-ID
12
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5BA3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=a8eab6db-f103-457f-bed9-4e45a07b3671&icm&gdpr=0&gdpr_consent=&cver
  • https://spl.zeotap.com/?zdid=1332&zcluid=ed5e970f381e7905
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=61aeb2ab-3ec0-4eff-4f38-e3822efaa746&reqId=8383a402-316e-4c6a-6401-20a67e893ac3&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEM8FwwM3KnHmWeZLP6tKkyQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=61aeb2ab-3ec0-4eff-4f38-e3822efaa746&reqId=8383a402-316e-4c6a-6401-20a...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEM8FwwM3KnHmWeZLP6tKkyQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=61aeb2ab-3ec0-4eff-4f38-e3822efaa746&reqId=8383a402-316e-4c6a-6401-20a67e893ac3&zcluid=ed5e970f381e7905&zdid=1332
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:23:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8356c264dc8e43f9-EWR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 13:23:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEM8FwwM3KnHmWeZLP6tKkyQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=61aeb2ab-3ec0-4eff-4f38-e3822efaa746&reqId=8383a402-316e-4c6a-6401-20a67e893ac3&zcluid=ed5e970f381e7905&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5BA3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:23:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/434/796/3/7.gif?puid=935250ca-a545-48f5-9af9-b2e5e5320cdf&gdpr=0&gdpr_consent=
Domain
xsync.iqzone.com
URL
http://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DIqZone%26api-tier%3D1%26uid%3D%25USER_ID%25&gdpr=0
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D4235b744549846ab93810afb46e7b692%26DemandPartnerName%3DMediaNet%26tier%3D1%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0
Domain
cks.connatix.com
URL
https://cks.connatix.com/cks?pid=34&ev=4235b744549846ab93810afb46e7b692&pname=Colossus&api-tier=1&uid=f3253eeb-da02-4471-8b96-2801d8188624
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$UID
Domain
capi.connatix.com
URL
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=IBg4oAn-Cp_s&UserId=&tier=1
Domain
rtbc-ue1.doubleverify.com
URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=f80ba09c3ca34cd692af7392ab50bab8&vfdur=114&cbust=1702560173670150
Domain
as.jivox.com
URL
https://as.jivox.com/unit/unit_renderer.php?es_pId=413e405&c_ttd_advertiser_id=v5n5yy2&gdpr_consent=&dspId=TradeDesk&jvxVer=2&c_ttd_impression_id=2ed10db2-4bd1-4cf2-925a-351c918a33c3&ts_pId=413e405&c_jvx_advertiser_id=68748&showAdChoices=1&isDynamic=1&campaignId=169568&bDim=300x600&gdpr=0&bUnitId=2200&ap_DataSignal3=dv-51003938,cs_08_pa_eye224,doubleverify-vd2iab-75&ap_DataSignal2=2ed10db2-4bd1-4cf2-925a-351c918a33c3&r=416499&cMacro=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2ed10db2-4bd1-4cf2-925a-351c918a33c3%26ag%3Dhf6rued%26sfe%3D17b281ac%26sig%3DD6G5hcLFD3dm7ezmzIh-oB6mFKh6guVS1rGYjfrcqFA.%26crid%3Dydhn3x0h%26cf%3D5695670%26fq%3D0%26t%3D1%26td_s%3Dwww.theguardian.com%26rcats%3Dy29%2Cv8t%26mste%3Dtheguardian.com%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dopenx%26uhow%3D104%26agsa%3D%26wp%3DAAABjGh-iHKxgCVqfoBOOqPb6ElUCwVo6XTr5w%26rgz%3D10013%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D539997005%26rlangs%3D01%26mlang%3D%26did%3DOX-XPT-g4lAn6%26rcxt%3DOther%26tmpc%3D-0.13999999999998636%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTAxIghOZXcgWW9yazgBUAtYAoABAIgBAZABAbABALoBBQiWTBgIwAHE9wjAAc8awAG86AfQAcT3CJICCTU1NzU2NTI2NNgCiA7gAogO-AIBgAMBiAMBkAMBmAMDoAMguAPQ0ATQAwDaAwQIURgE%26dur%3DCj4KIWNoYXJnZS1tYXhEb3VibGVWZXJpZnlCcmFuZFNhZmV0eSIZCNv__________wESDGRvdWJsZXZlcmlmeQo-CiFjaGFyZ2UtYWxsRG91YmxlVmVyaWZ5Vmlld2FiaWxpdHkiGQjw__________8BEgxkb3VibGV2ZXJpZnkKPwoiY2hhcmdlLWFsbERvdWJsZVZlcmlmeUJvdEF2b2lkYW5jZSIZCOf__________wESDGRvdWJsZXZlcmlmeQpCCiVjaGFyZ2UtbWF4Q29tc2NvcmVfM1BQQV9FeWVvdGFfQ3VzdG9tIhkI1fL5________ARIMY29tc2NvcmUtY3R4Ck8KMGNoYXJnZS1hbGxEb3VibGVWZXJpZnlEaXNwbGF5Vmlld2FiaWxpdHlUcmFja2luZyIbCLf__________wESDGR2LXJlcG9ydGluZyoA%26durs%3Dp6cShQ%26crrelr%3D%26npt%3D%26mk%3Ddesktop%26mdl%3Dbrowser%26adpt%3Dnopx%26fpa%3D721%26pcm%3D3%26ict%3DUnknown%26said%3D8546569c-f8cb-47a9-82a4-3f39002cfa81%26auct%3D1%26us_privacy%3D1YNN%26tail%3D1%26r%3D&ap_DataSignal4=&ap_DataSignal7=openx&ap_DataSignal6=www.theguardian.com%2fworld%2f2023%2fdec%2f11%2fforged-documents-how-ukrainian-grain-may-be-enriching-putins-circle&ap_DataSignal9=ydhn3x0h|hf6rued&ap_DataSignal8=de261355-4769-4c9e-90f6-d9de96985079&us_privacy=1YNN&siteId=edcbd7ed316741c&creativeUnitType=22
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-e1539617-5658-4d5f-b352-91258ead02d1/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/cd8c3bb3-8a3c-41d3-9f9a-f31b1423ea67.bin
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_FmVVcd2HTld9o7RNzr6gVh8iHg5a1LhJsVTfS20EaNHme3pPhGGdFAFV771Rbrn7vtTMdVDwr0d_cCS-ZuN-_AxMEi4kqKiCyzQhze4LO3lRham5c6gpTFlq-2xgRn1QjZkFxTRAnjc3gpX9JmlGNBBQ&sig=Cg0ArKJSzNGO7y89BETjEAE&id=lidartos&mcvt=0&p=1341,446,1341,446&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1532238211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1702560172391&rpt=177&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~380
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/plugins/connatix.omsdk.service-web-1.4.9.js
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=935250ca-a545-48f5-9af9-b2e5e5320cdf
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=H0eCePZHYKqpHbQzR42fHIsP&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| guardian function| guardianPolyfilled object| curlConfig object| curl object| webpackChunk_guardian_dotcom_rendering object| guCmpHotFix function| guardianPolyfilledImport function| __uspapi object| _sp_queue object| _sp_ object| webpackChunk_guardian_commercial object| fastdom object| _sp_wp_jsonp object| googletag object| permutive object| apstag object| _comscore object| teads_analytics function| twq object| pbjsChunk object| pbjs object| _pbjsGlobals object| google_tag_data function| ga object| gaplugins string| GoogleAnalyticsObject object| gaGlobal object| gaData object| regeneratorRuntime object| twttr object| _aps boolean| apstagLOADED object| apscustom object| confiant object| brandmetrics function| __assign object| _brandmetrics object| COMSCORE object| ns_p object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig boolean| creativeVendorLibraryLoaded function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ggeac object| google_js_reporting_queue function| __spreadArray object| apntag undefined| google_measure_js_timing object| Criteo number| google_unique_id object| GoogleGcLKhOms function| confiantDfpWrap object| cnx_player_usr_storage object| cnx_usr_storage object| __IntegralASExec object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_145 object| Criteo_prebid_145 number| depth object| studioV2 object| studio object| THIRD_PARTY_TYPES_TO_PING_AT_IMPRESSION_TIME function| getVPAIDAd object| closure_lm_160195 number| closure_uid_68719921 object| studioV2_image_requests object| lotame_sync_17331 function| cnxProxyTask object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| lotameIsCompatible function| sync17331_aa function| sync17331_c undefined| sync17331_d undefined| sync17331_ba undefined| sync17331_e function| sync17331_f object| sync17331_h function| sync17331_ca function| sync17331_j function| sync17331_da object| sync17331_ object| sync17331_ga object| sync17331_v object| sync17331_oa object| sync17331_xa object| sync17331_ya function| sync17331_a function| sync17331_b function| sync17331_g function| sync17331_i function| sync17331_k function| sync17331_l function| sync17331_m function| sync17331_n function| sync17331_o function| sync17331_p function| sync17331_q function| sync17331_r function| sync17331_fa function| sync17331_ea function| sync17331_s function| sync17331_t function| sync17331_u function| sync17331_w function| sync17331_ha function| sync17331_ia function| sync17331_y function| sync17331_ja function| sync17331_z function| sync17331_A function| sync17331_x function| sync17331_B function| sync17331_ka function| sync17331_C function| sync17331_D function| sync17331_E function| sync17331_F function| sync17331_G function| sync17331_H function| sync17331_I function| sync17331_J function| sync17331_K function| sync17331_L function| sync17331_la function| sync17331_ma function| sync17331_na function| sync17331_M function| sync17331_N function| sync17331_pa function| sync17331_O function| sync17331_qa function| sync17331_ra function| sync17331_sa function| sync17331_P function| sync17331_ta function| sync17331_ua function| sync17331_va function| sync17331_wa function| sync17331_Q function| sync17331_R function| sync17331_za function| sync17331_S function| sync17331_T function| sync17331_U function| sync17331_V function| sync17331_Aa function| sync17331_W function| sync17331_X function| sync17331_Y function| sync17331_Z function| sync17331__ function| sync17331_0 function| sync17331_Ea function| sync17331_Ba function| sync17331_1 function| sync17331_Da function| sync17331_Ca function| sync17331_2 function| sync17331_3 function| sync17331_4 function| sync17331_5 function| sync17331_Ga function| sync17331_Ha function| sync17331_Ja function| sync17331_Fa function| sync17331_7 function| sync17331_Ia function| sync17331_La function| sync17331_Ka function| sync17331_8 function| sync17331_6 function| sync17331_9 function| sync17331_Ma function| sync17331_Na function| sync17331_Oa function| sync17331_Pa function| sync17331_$ function| sync17331_Qa function| sync17331_Ra function| sync17331_Sa function| sync17331_Ta function| cnxAddEventListener

338 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQxab6w8YxCgoIkQIQxab6w8YxCgoItAIQxab6w8YxCgoI5gEQxab6w8YxCgoIhwIQxab6w8YxCgoItwIQxab6w8YxCgkIOhDFpvrDxjEKCgiMAhDFpvrDxjEKCQhfEMWm-sPGMQoJCB8Qxab6w8Yx
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: CjEKBQgKEN0WCgYI3QEQ3RYKBQgMEOcWCgYIogEQ3RYKCQj_____BxDnFgoGCNIBEN0W
.theguardian.com/ Name: GU_mvt_id
Value: 668713
www.theguardian.com/ Name: GU_geo_country
Value: US
.theguardian.com/ Name: dnsDisplayed
Value: undefined
.theguardian.com/ Name: ccpaApplies
Value: true
.theguardian.com/ Name: signedLspa
Value: undefined
.theguardian.com/ Name: bwid
Value: idFromPV_MWda0j6KkwDMjgaRX_BIbQ
.theguardian.com/ Name: bwid_withoutSameSiteForIncompatibleClients
Value: idFromPV_MWda0j6KkwDMjgaRX_BIbQ
.theguardian.com/ Name: ccpaUUID
Value: 78de3ff3-a962-4471-9d7d-224bd47d4f98
.theguardian.com/ Name: _ga
Value: GA1.2.228846279.1702560171
.theguardian.com/ Name: _gid
Value: GA1.2.1048469489.1702560171
.theguardian.com/ Name: _gat_allEditorialPropertyTracker
Value: 1
.scorecardresearch.com/ Name: UID
Value: 170efbc1d241b9fd319f6501702560171
.twitter.com/ Name: personalization_id
Value: "v1_M4WuaeRNqfb+jNODnFwsyg=="
.theguardian.com/ Name: permutive-id
Value: 9f3ac40d-e62d-4755-8244-1ac92d507ee5
.t.co/ Name: muc_ads
Value: caa47b5f-2970-4878-8bbe-5286499ab26b
.d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/ Name: pxid
Value: d2de20b9-dfb6-42fa-832e-02ad22d6a63f
.doubleclick.net/ Name: IDE
Value: AHWqTUnYhkgme3X16QnKwNERpmlvCvY4gTPzrWdw0RemSusWSA9Iavj3uXESqqyG
.go.sonobi.com/ Name: __uis
Value: 4f1de70f-98b5-4f31-a55d-78f855a57328
.go.sonobi.com/ Name: _usd_theguardian.com
Value: lq58d77p9gvrwazgilbz
.3lift.com/ Name: tluid
Value: 119942835268329456868
.kargo.com/ Name: ktcid
Value: 110721fb-dd2c-037f-1515-faaf530dae3b
.omnitagjs.com/ Name: ayl_visitor
Value: 3b3e3207d8c8f45667463a6f4b472952
.the-ozone-project.com/ Name: __cf_bm
Value: P_iSSTEu9uKj3A.T9sQ3mPlrjlhykuAbo_o0I3QsBok-1702560171-1-AUe0SRMxeHZ48K+QL+NGfuKW2r9B9Jxn18dWattLBIxR1iGktIDsNYjYmYTziQGQtZTblEKM3tvRjsRbqHL6njw=
.amazon-adsystem.com/ Name: ad-id
Value: A_nTQXE3JED1nKqrW2kT6d4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 7124857179851734154
.casalemedia.com/ Name: CMID
Value: ZXsBrLkpbmgLgq-N6q8TEAAA
.casalemedia.com/ Name: CMPS
Value: 1332
.casalemedia.com/ Name: CMPRO
Value: 1332
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 30025371
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 30025371
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 30025371
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 30025371
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 30025371
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 30025371
.openx.net/ Name: i
Value: 4f1dfb2d-1c0a-051f-3f05-eaad66787693|1702560172
.yellowblue.io/ Name: wrvUserID
Value: IBg4oAn-Cp_s
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTMxszAwMbEwMTY1EeIz1E33Ts0s9S3Jzq00yAYAcr9VlyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTMxszAwMbEwMTY1EeIz1E33Ts0s9S3Jzq00yAYAcr9VlyQAAAA
.go.sonobi.com/ Name: __uir_an
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_an
Value: 7124857179851734154
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98.7LkcQes3nUuml3cz6jSOz2Wus4thl6pW%2FjSsC6xOWyU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98.7LkcQes3nUuml3cz6jSOz2Wus4thl6pW%2FjSsC6xOWyU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A2w51-qyfWF5reWb4xqKsmAW16oU.040tKWaktr%2BZ%2FaykV7I%2FPwO5NP%2B%2BbxgdKBa18PHZyL0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A2w51-qyfWF5reWb4xqKsmAW16oU.040tKWaktr%2BZ%2FaykV7I%2FPwO5NP%2B%2BbxgdKBa18PHZyL0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTEHwYBCCsg-yrBjABOgQ8w7t9QgRw-eV1.jQYR6u9HyLoRCHSsCTQ4Ak0%2BUeVrWXhXlGQQsUUbqIY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTEHwYBCCsg-yrBjABOgQ8w7t9QgRw-eV1.jQYR6u9HyLoRCHSsCTQ4Ak0%2BUeVrWXhXlGQQsUUbqIY
.adsrvr.org/ Name: TDID
Value: a8eab6db-f103-457f-bed9-4e45a07b3671
.go.sonobi.com/ Name: __uir_zt
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_zt
Value: 970314646804484354
.contextweb.com/ Name: V
Value: 9sqhxA1ot6tb
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 538cfc40dd242881
.go.sonobi.com/ Name: __uih
Value: 1
.lijit.com/ Name: ljt_reader
Value: H0eCePZHYKqpHbQzR42fHIsP
.go.sonobi.com/ Name: __uir_st
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_st
Value: 2w51-qyfWF5reWb4xqKsmAW16oU
.bidswitch.net/ Name: c
Value: 1702560172
.bidswitch.net/ Name: tuuid_lu
Value: 1702560172
.bidswitch.net/ Name: tuuid
Value: dae20180-897d-4967-862d-184aeca4dd29
.brand-display.com/ Name: _knxq_
Value: e2aa92fd-0faa-8e2b-ff104402.1702560172.0.1702560172.1702560172
.ads.stickyadstv.com/ Name: UID
Value: bd6d9b85d016104917a3743e822f3a37
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjIzU7IyNDcwNjezNDc30lGyMEHlGxoYowoYQTQYmRkYG4P4ligaagGvdRCj
.demdex.net/ Name: demdex
Value: 50144256947007183211867252614357196588
.yieldmo.com/ Name: yieldmo_id
Value: 3ziDXyyGGDyBeHHqB9Dm%7C1702512000000%7C0
.liadm.com/ Name: lidid
Value: 6e526da7-62fa-44a3-835e-3b76e37652d4
.go.sonobi.com/ Name: __uir_td
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_td
Value: a8eab6db-f103-457f-bed9-4e45a07b3671
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
.company-target.com/ Name: tuuid
Value: 7a4d9276-e30b-451d-83dc-676b8686a4ec
.company-target.com/ Name: tuuid_lu
Value: 1702560172|ix:0
.33across.com/ Name: 33x_ps
Value: u%3D212257090824875%3As1%3D1702560172182%3Ats%3D1702560172182
.media.net/ Name: visitor-id
Value: 3455617720813374000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.dpm.demdex.net/ Name: dpm
Value: 50144256947007183211867252614357196588
.openx.net/ Name: univ_id
Value: 537072971|a8eab6db-f103-457f-bed9-4e45a07b3671|1702560172188344
.yahoo.com/ Name: A3
Value: d=AQABBKwBe2UCENAiIo97BnGPGAalyUABOBYFEgEBAQFTfGWEZdxX0iMA_eMAAA&S=AQAAAnXx6LNzhTnnN1wTRsgfaVA
.tapad.com/ Name: TapAd_TS
Value: 1702560172208
.tapad.com/ Name: TapAd_DID
Value: 00ba3ccf-955c-46a4-a4eb-2f0bfe118f49
.go.sonobi.com/ Name: __uir_eb
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_eb
Value: CAESEINMoF69x7PODaEAliiFmWQ||1
.blismedia.com/ Name: b
Value: 657B01ACC5F8B7699371AF6CBLIS
.clickagy.com/ Name: cb
Value: ZXsBrOGIX1XokO07UVDFE6G7
.lijit.com/ Name: _ljtrtb_84
Value: ZXsBrOGIX1XokO07UVDFE6G7
.go.sonobi.com/ Name: __uir_pp
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_pp
Value: 9sqhxA1ot6tb
.acuityplatform.com/ Name: auid
Value: 864661978466
.intentiq.com/ Name: IQver
Value: 1.9
.lijit.com/ Name: _ljtrtb_66
Value: 864661978466
.sharethrough.com/ Name: stx_user_id
Value: e4b9e599-0e6d-4b26-a94e-0df2a75efc8e
.go.sonobi.com/ Name: __uir_bw
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_bw
Value: dae20180-897d-4967-862d-184aeca4dd29
.creativecdn.com/ Name: u
Value: 0uG15I2KJM4xDYPLnMcE
.creativecdn.com/ Name: g
Value: 0uG15I2KJM4xDYPLnMcE_1702560172283
.creativecdn.com/ Name: ts
Value: 1702560172
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a8eab6db-f103-457f-bed9-4e45a07b3671&KRTB&22918-a8eab6db-f103-457f-bed9-4e45a07b3671&KRTB&22926-a8eab6db-f103-457f-bed9-4e45a07b3671&KRTB&23031-a8eab6db-f103-457f-bed9-4e45a07b3671
.rezync.com/ Name: zync-uuid
Value: 8d60d335-1254-4654-8994-a83540b3f21b:1702560172.2972653
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3EyRGAQAgEwI_pYMHAcJiNW1sGYuTaj36P6p263SkGhkT-9UzI3c7Q5Q9sXVYKplrhxBSS_gFkeNWlOgAAAA
.pippio.com/ Name: did
Value: ksawOEsd8XNjOF1p
.pippio.com/ Name: didts
Value: 1702560172
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CKyD7KsGEgYIgr0rEAA=
.simpli.fi/ Name: suid
Value: 7772916224FC42C8A0D6CD8EA9C90A5F
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEImOySoVrPVVKvK0y6QX99c&KRTB&23025-CAESEImOySoVrPVVKvK0y6QX99c&KRTB&23386-CAESEImOySoVrPVVKvK0y6QX99c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-102ccb58-8ace-429b-80ca-7458bce78d64-005%22%7D
.theguardian.com/ Name: __gads
Value: ID=23723dddd777ff2d:T=1702560171:RT=1702560171:S=ALNI_MYXvcB13X_DQLJOkC9A5VYcIyG8ew
.theguardian.com/ Name: __gpi
Value: UID=00000a039669cd16:T=1702560171:RT=1702560171:S=ALNI_MZsVvu85M4sgs3w8jepqorlQ1uqeQ
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:7772916224FC42C8A0D6CD8EA9C90A5F&KRTB&23486-uid:7772916224FC42C8A0D6CD8EA9C90A5F&KRTB&23489-uid:7772916224FC42C8A0D6CD8EA9C90A5F&KRTB&23539-uid:7772916224FC42C8A0D6CD8EA9C90A5F
.csync.loopme.me/ Name: viewer_token
Value: 80a24722-2b89-421d-85a3-ae506458ad51
.go.sonobi.com/ Name: __uir_rh
Value: 128957986525292187
.go.sonobi.com/ Name: __uin_rh
Value: KZEv7OqlJt1zoK5hzq2Pgua-GPkMfv0yz4kLDgKgKIo
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksKwzAMANG7aB0XWZLlz2VCUrtg2rglTjcNuXu9GRh4J8yfsm9LK-2AdOzfMsH9Vcd1SCf0-tvKExJEj2xFRQOKBGEncE3QS-_13eaaBwlZMTM7Y8mJER0JMYpZwtC48oPsmqxHcorW042iJ3UM1x9iGiRH.ZXsBrA.em461dHQnFCcGYpdyWvsP196ybo
.adx.opera.com/ Name: UID
Value: OPUdf40ffcc56f0457bacc633de0ff751f9
.turn.com/ Name: uid
Value: 3775486543021645614
.lijit.com/ Name: _ljtrtb_103
Value: OPUdf40ffcc56f0457bacc633de0ff751f9
.smartadserver.com/ Name: pid
Value: 7387344376717378074
.lijit.com/ Name: _ljtrtb_26
Value: dae20180-897d-4967-862d-184aeca4dd29
.rubiconproject.com/ Name: khaos
Value: LQ58D8TE-Z-KF35
.linkedin.com/ Name: li_sugr
Value: 376fdda2-b5bd-4afc-bd00-0b2009f1f3bc
.linkedin.com/ Name: bcookie
Value: "v=2&2a1fc493-ae89-4a76-857e-da47b3f16065"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3077:u=1:x=1:i=1702560172:t=1702646572:v=2:sig=AQGD0PuVLSU9ea4WFuEnAJBrv8GZVsef"
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 32b239a0-ab2d-4809-b73e-d37dda384a87
.ipredictive.com/ Name: cu
Value: 935250ca-a545-48f5-9af9-b2e5e5320cdf|1702560172817
.lijit.com/ Name: _ljtrtb_80
Value: LQ58D8TE-Z-KF35
.bidr.io/ Name: bito
Value: AACbNU7K9gMAABLqgtK56w
.bidr.io/ Name: bitoIsSecure
Value: ok
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 0a85c1a2-f77a-482f-b519-c344e05b647d
.prebid.a-mo.net/ Name: sd_amuid2
Value: 0a85c1a2-f77a-482f-b519-c344e05b647d
.hb.yahoo.net/ Name: visitor-id
Value: 3455617730813352000V10
.hb.yahoo.net/ Name: data-mag
Value: LQ58D8TE-Z-KF35~~63
.primis.tech/ Name: csuuid
Value: 657b01ad06bea
.intentiq.com/ Name: intentIQ
Value: xV54ja8gTG
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1702560173273
.360yield.com/ Name: tuuid
Value: cd1347e3-c502-4545-a8eb-66a3dc736273
.360yield.com/ Name: tuuid_lu
Value: 1702560173
.360yield.com/ Name: um
Value: !79,wbio.K5dqPYMroParhXv-8ltBlsaaZ6DhM21TgYSLlUjgyH3JC6NBGLCdP23ceFNzI3wvh.LUY3nuv6Z,1710336173
.360yield.com/ Name: umeh
Value: !79,0,1764768173,-1
.connatix.com/ Name: cnx_userId
Value: 4235b744549846ab93810afb46e7b692
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: partitioned_bundle
Value: zWWOa18wc2tKVXJzRjRlNExGUjBaN3YlMkJjJTJGWnFiTU9KRTFrNCUyQjliWWRvZXd6SlhrdExIbHp1M2glMkJwU1p4Sk5IdGJDRWtjdSUyQnhvWXBOTVBCbSUyQndUYWoyUHpiS2NDczdHZHhBUGpQeHdtSG91MERaeFV2NHpmZlMzazZqMElTUkJhU3BITTV5ZExjWFFVYzc4S3QlMkZoRWY5Z01Qeml1UVF2eEVsUFk4ZVJDTTl5OEFCNEx1bjhRSGh4enRZWGNwc2tGd1dCJTJC
www.theguardian.com/ Name: cnx_userId
Value: 4235b744549846ab93810afb46e7b692
.lijit.com/ Name: _ljtrtb_27
Value: a8eab6db-f103-457f-bed9-4e45a07b3671
.sitescout.com/ Name: ssi
Value: 79f4e10a-9b81-4625-a07e-2ef27bc1336e#1702560173633
.go.sonobi.com/ Name: HAPLB8G
Value: s85137|ZXsBs
.resetdigital.co/ Name: ckbk
Value: 0000012266C77743
.tremorhub.com/ Name: tvid
Value: 5386f09ab60942b0bf03901dd195331f
.tremorhub.com/ Name: tv_UISCX
Value: 4235b744549846ab93810afb46e7b692
.sundaysky.com/ Name: sskyu
Value: d6.251ff9da82e243168276034676d00250
.sundaysky.com/ Name: sskyCreationTime
Value: 1702560173659
.tynt.com/ Name: uid
Value: Vz/bJWV7Aa3Mu3ZvEYMfrA==
.id5-sync.com/ Name: 3pi
Value: 434#1702560172400#472880593|264#1702560173267#839458360#a8eab6db-f103-457f-bed9-4e45a07b3671|203#1702560172882#1065614209#32b239a0-ab2d-4809-b73e-d37dda384a87|108#1702560173093#-1157682907|124#1702560173444#-494672813|1245#1702560173666#-465991545
.intentiq.com/ Name: IQPData
Value: 95808133#1702560173755#0#1702560173272
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeVE0eWk1IzE1Mzg2XzAmVHlRNHlwbw
.jivox.com/ Name: jvxsync
Value: tYq4YPKioPG6
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDVldDY1Iix0OiJuaSJ9fQ=="
.colossusssp.com/ Name: gtm_usr
Value: f3253eeb-da02-4471-8b96-2801d8188624
.colossusssp.com/ Name: lmg_r
Value: 74
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 9364ca655e5fb7012282723232e5ba8b
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrWZcC6SgAAATUgGP"
.theguardian.com/ Name: _cc_id
Value: 9364ca655e5fb7012282723232e5ba8b
.theguardian.com/ Name: panoramaId_expiry
Value: 1702646573951
.theguardian.com/ Name: panoramaId
Value: 6d390af748e03557c37b22bc85a2a9fb927a6ef0792634fb659bc3e944e7eb14
.theguardian.com/ Name: panoramaIdType
Value: panoDevice
.the-ozone-project.com/ Name: ozone_uid
Value: 2ZXElT44f6awK1IJP5wYDs15RRY
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553&KRTB&23418-79f4e10a-9b81-4625-a07e-2ef27bc1336e-657b01ad-5553
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-935250ca-a545-48f5-9af9-b2e5e5320cdf&KRTB&23011-935250ca-a545-48f5-9af9-b2e5e5320cdf&KRTB&23355-935250ca-a545-48f5-9af9-b2e5e5320cdf
.creative-serving.com/ Name: tuuid
Value: 61447524-3c78-4a5c-8342-ce68ffc0279d
.creative-serving.com/ Name: c
Value: 1702560175
.creative-serving.com/ Name: tuuid_lu
Value: 1702560175
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1702560173711%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1702560175029%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1702560173711%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1702560175029%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1702560175029%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1702560173711%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1702560175029%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1702560173711%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1702560173711%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1702560175029%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1702560173711%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1702560175029%7D%5D
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_e3eff050-9a83-11ee-b183-121a6d1d7927
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7124857179851734154&KRTB&23339-7124857179851734154
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3775486543021645614&KRTB&23150-3775486543021645614&KRTB&23527-3775486543021645614
.quantserve.com/ Name: mc
Value: 657b01af-0f889-f2bca-f26d3
.deepintent.com/ Name: CDIUSER
Value: di_0017631c80754d2ab5c95
.bfmio.com/ Name: __187_cid
Value: FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B
.bfmio.com/ Name: __io_cid
Value: 2de18df08ecdb622342abcf3aade624d03a9b5fa
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXsBrwAG4O4N7wBU
.thrtle.com/ Name: mc
Value: eyJpZCI6IjUyNDc0M2E4LTY1ZDMtNDY0NS04YjJmLTY1YjAxYTg0N2VjOSIsImwiOjE3MDI1NjAxNzUwOTEsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_10DAE562F_1FED0DF4&KRTB&23092-R35CAB_10DAE562F_1FED0DF4
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-JIqtCSKO-w0_j_xTKoa3DSDd-Qo_2ahddowin3wa&KRTB&19420-JIqtCSKO-w0_j_xTKoa3DSDd-Qo_2ahddowin3wa&KRTB&22979-JIqtCSKO-w0_j_xTKoa3DSDd-Qo_2ahddowin3wa&KRTB&23462-JIqtCSKO-w0_j_xTKoa3DSDd-Qo_2ahddowin3wa
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: ccb9bdcf-0efa-535c-84ef-2ea4e1942f0b
.betweendigital.com/ Name: ss
Value: 1
.zemanta.com/ Name: zuid
Value: MF_DK0ca-rYwg9tzmgTO
.betweendigital.com/ Name: ut
Value: ZXsBrwABsZjobh70pURIza02pcb5ypRo0DyDcQ==
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwPBGJ19eXAHX1J8DHQ4nXCwIbsOQj5vCIq50f-142Kt4_NRJGr2lBxweJQC4TM1
.technoratimedia.com/ Name: tads_uidp_37
Value: a2c49c80-bfca-3f73-9173-b6168bdd4562
.technoratimedia.com/ Name: tads_uidp_44
Value: LQ53NFHY-Q-3GG1
.technoratimedia.com/ Name: tads_uidp_45
Value: D257191D-8798-427F-8948-32BF9D7CBC3C
.technoratimedia.com/ Name: tads_uidp_46
Value: 939548490387556890
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAF2BLntJHmNANFXyMVAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: c4a4068b-4bd6-4cb5-8aef-af99eca6c4f9
.technoratimedia.com/ Name: tads_uidp_61
Value: 212379687418576
.technoratimedia.com/ Name: tads_uidp_62
Value: 3455538490813328000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: kQpjQZaVJ5EF07Ktlc4uOtGW6Mvsr8oa
.technoratimedia.com/ Name: tads_uidp_7
Value: f4760153-a7ff-4bbf-a203-a942bb658b1a
.technoratimedia.com/ Name: tads_uidp_73
Value: AACbNU7K9gMAABLqgtK56w
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-acaa7b7a-7fb8-4f49-9095-e9c837e0ac71-005
.technoratimedia.com/ Name: tads_uidp_77
Value: s-lwxbJj3AGNH344JII-oQGpUtUSeZwk2B1STB1fBtE
.technoratimedia.com/ Name: tads_uidp_79
Value: 97d675aa-9c1c-4b8f-8413-9c466da2c800
.technoratimedia.com/ Name: tads_uidp_80
Value: y-HDNfYy1E2uExDeoYeEk2X57oKjCZTr3f~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZXriuWYI34PLvWCA.qYAmwAA&3696
.technoratimedia.com/ Name: tads_uidp_88
Value: 1571499756900866679304
.technoratimedia.com/ Name: tads_uid
Value: A54D3649B46E418F8631C93BA94D335E
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220904154950+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.postrelease.com/ Name: visitor
Value: 9a252594-fdfa-439d-b059-48e22fba9d97
.postrelease.com/ Name: status
Value: 1
.openx.net/ Name: pd
Value: v2|1702560172.3|vPvMgakWgy.mmiKbwuYeShEgKwrg2f8
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ojk|4is.0.CAESELzmATKFen5ixv2KJGwQzKY|7Xz.0.1|7LJ.0.4f1de70f-98b5-4f31-a55d-78f855a57328|7dN.0.AACbNU7K9gMAABLqgtK56w
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw850bZBlKJ6VqeMVDlwXyUSA6BIPhhz%2BF2kINf4Zba3fN1WbMc68HODW%2FOYFmL%2BxGTgETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6%2FYxYJKTK%2FOM9I2jAoATUlg%3D%3D
aorta.clickagy.com/ Name: chs
Value: [{"ch":"185","t":"2023-12-14 13:22:52"},{"ch":"4","t":"2023-12-14 13:22:55"}]
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231214%22%2C%22143%22%3A%2220231214%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4/0D>6NRF']wIg2E>yrHf<n!A#G0.CK$wNl!cV/Crc4=DZB<ifL*XdZ!E_gjn$Vidx^_dX^BWC4]U=GdD1N_8n0wT%MtON^o5<*-Xnq?:gZ'emnm).owik)fy)H%qSUv
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxMTk5NDI4MzUyNjgzMjk0NTY4NjgiLCJleHBpcmVzIjoiMjAyNC0wMy0xM1QxMzoyMjo1NFoifSwicnViaWNvbiI6eyJ1aWQiOiJMUTU4RDhURS1aLUtGMzUiLCJleHBpcmVzIjoiMjAyNC0wMy0xM1QxMzoyMjo1NVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0xNFQxMzoyMjo1NFoifQ==
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACbNU7K9gMAABLqgtK56w
.mxptint.net/ Name: mxpim
Value: R35CAB_10DAE562F_1FED0DF4.1.0000000000000000657B01AF0000000000000000000000000000000000000000000000000000000000000000657B01AF
.rqtrk.eu/ Name: browser_id
Value: 1:02a16827-0928-4609-9adb-d867e1c6b855
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAB0F2ktG-tsAN-IM9-AAAAAAA&KRTB&22713-AAAB0F2ktG-tsAN-IM9-AAAAAAA&KRTB&22715-AAAB0F2ktG-tsAN-IM9-AAAAAAA&KRTB&23519-AAAB0F2ktG-tsAN-IM9-AAAAAAA
.ads.yieldmo.com/ Name: ptrrc
Value: LQ58D8TE-Z-KF35
.dotomi.com/ Name: DotomiTest
Value: 3ae60d881339241d
.serverbid.com/ Name: CONSUMABLEID
Value: dccebc628c614f488ebc628c614f486f
.adgrx.com/ Name: ADGRX_UID
Value: e4155534-9a83-11ee-b616-b78795e4e1b7
.aniview.com/ Name: 1_C_5
Value: LQ58D8TE-Z-KF35
sync.aniview.com/ Name: 1_C_5
Value: LQ58D8TE-Z-KF35
.mathtag.com/ Name: uuid
Value: 8616657b-01af-4e00-8f0f-56f36e2239ec
.adgrx.com/ Name: ADGRX_CM_RUBICON_BRIDGED
Value: 1
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUTU4RDhURS1aLUtGMzUiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1NS4zMTM2NjcyODZaIn19fQ==
.undertone.com/ Name: UID_EXT_47
Value: LQ58D8TE-Z-KF35
.adotmob.com/ Name: uid
Value: 09ea220400de7a0f604f49a7
.adotmob.com/ Name: uuid
Value: 09ea220400de7a0f604f49a7
.adotmob.com/ Name: partners
Value: AYL%3A1702560175317
prebid-s2s.media.net/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUTU4RDhURS1aLUtGMzUiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1NS4zNTA5NTU4MTJaIn19LCJiZGF5IjoiMjAyMy0xMi0xNFQxMzoyMjo1NS4zNTA5MjkyNDJaIiwiaG9zdF91aWRzIjp7Im1lZGlhbmV0Ijp7InVpZCI6IjM0NTU2MTc3MjA4MTMzNzQwMDBWMTAifX19
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.dotomi.com/ Name: DotomiUser
Value: 736707351853981633$3$83245322$$1
.dotomi.com/ Name: receive-cookie-deprecation
Value: 1
.ctnsnet.com/ Name: cid
Value: 5859e26ff7e74a5abd461b1685eb82c5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 3978200c-b893-457a-bcc4-bbc39cf6e216
.adsby.bidtheatre.com/ Name: __kuid
Value: 370cc22f-cf69-401b-bdaa-5ae126186c01.471774175
.adfarm1.adition.com/ Name: UserID1
Value: 7312440271109945492
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: C
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8365-2!8365-3!8365
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.smartadserver.com/ Name: csync
Value: 22:6966150491777740634|66:09ea22040002f8105aa07fdc|104:LQ58D8TE-Z-KF35|127:AACbNU7K9gMAABLqgtK56w
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5023303428203664878&KRTB&23263-5023303428203664878&KRTB&23481-5023303428203664878
.adform.net/ Name: uid
Value: 546081868503611178
.fwmrm.net/ Name: _uid
Value: ume914a_7313579709520749416
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: ume914a_7313579709520749416
.ads.stickyadstv.com/ Name: MRM_UID
Value: ume914a_7313579709520749416
.ads.stickyadstv.com/ Name: uid-bp-892
Value: a8eab6db-f103-457f-bed9-4e45a07b3671
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AACbNU7K9gMAABLqgtK56w
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-xFBc.MdE2oM7yrOZf.vZF2VHI2SPQc01jfLAfrVQ~A
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESELX6jpEEiNw4b71TuvlBdRU
.w55c.net/ Name: wfivefivec
Value: 5qefavUm1RdLG05
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: 5qefavUm1RdLG05
.admixer.net/ Name: am-uid
Value: bc8f40ee16e34a29bed3d140d1dec4b2
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 7124857179851734154
.ads.stickyadstv.com/ Name: uid-bp-20721
Value: 3689d91e-b12c-4aef-8922-534aedc7ad33
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 935250ca-a545-48f5-9af9-b2e5e5320cdf
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1WMuQ2AMBDAxABUEWME3X8XtiGKGIiSkpKSCaHiaSy5sM-uRwdSA_RApDV5NIPGrBlJJYvdiFIkz8EqUHkhrNMT0UjFyZS39J6I1fe_xzF8HMEvZq7HUXoAAAA
.w55c.net/ Name: matchpubmatic
Value: 5
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGGg9oRq6YbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRhoPaEauj3RoaXJkUGFydHlVc2VySWRXSDBlQ2VQWkhZS3FwSGJRelI0MmZISXNQ+4Ay+kLEQyUBRhoPaSOwRCUBRhoPaSOwRSH7gDb6QsxDJQFGGg9pfoxEJQFGGg9pfoxFIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-e4155534-9a83-11ee-b616-b78795e4e1b7&KRTB&23275-e4155534-9a83-11ee-b616-b78795e4e1b7
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970314646804484354
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-3978200c-b893-457a-bcc4-bbc39cf6e216&KRTB&23340-3978200c-b893-457a-bcc4-bbc39cf6e216&KRTB&23498-3978200c-b893-457a-bcc4-bbc39cf6e216
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:5qefavUm1RdLG05&KRTB&23421-uid:5qefavUm1RdLG05
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-2w51-qyfWF5reWb4xqKsmAW16oU&KRTB&23334-2w51-qyfWF5reWb4xqKsmAW16oU&KRTB&23417-2w51-qyfWF5reWb4xqKsmAW16oU&KRTB&23426-2w51-qyfWF5reWb4xqKsmAW16oU
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-864661978466&KRTB&23428-864661978466
beacon.lynx.cognitivlabs.com/ Name: ss
Value: HmaD6xYBSS02vrM9sbDxQVjEaf%2F8LtGrNrM9qo%2B71YzrmJsWkkL6Z7FGVaw60bWuwfoxYEgHsMBfko3zm9vEhQ%3D%3D
.rlcdn.com/ Name: rlas3
Value: 05pHZggfOkvYYDhQIXJa9SV1dNfgAygWSePBI/UQxKU=
.rlcdn.com/ Name: pxrc
Value: CKyD7KsGEgUI6AcQABIFCOhHEAASBgi66gEQBhIGCLjrARAD
.tribalfusion.com/ Name: ANON_ID
Value: aJnv7yp26Ua8e4OCaUoUu69mZdDcNQy92dnZbrIPYL7pnqvCWmn0yEcfTC3JoGv6TVTC7o1po5Siks3JDVYORcKbRONdj1oZaG1AMSU3vlRTZckaMWNKJqBS
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUdf40ffcc56f0457bacc633de0ff751f9&KRTB&23485-OPUdf40ffcc56f0457bacc633de0ff751f9&KRTB&23524-OPUdf40ffcc56f0457bacc633de0ff751f9
.richaudience.com/ Name: pdid
Value: 3edc116a-6db0-4018-b127-1zz1702560168
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_2c113848-b023-464a-a9fc-d1c90330732f
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2flp:18z8~2flp:18vk~2flp:19e0~2flp:18za~2flp:19bl~2flp"
.rubiconproject.com/ Name: audit
Value: 1|2HqS49XJZpFKLLZPUyM0Sp//PQ8mTtbNLnabvdBPWbtGXlzst0zOc3XlCYji6/VWYsfKA6LiiCWWvb2LdLTR6cfb44cvqHi7
.servenobid.com/ Name: pid_312
Value: 7124857179851734154
.servenobid.com/ Name: pid_321
Value: RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
.servenobid.com/ Name: pid_317
Value: 7387344376717378074
.servenobid.com/ Name: pid_353
Value: 3455617720813374000V10
.lijit.com/ Name: ljtrtb
Value: eJwdzcGKAjEMgOF36dlAO02T1KOMiuzCKKzL4K1t2sseFnaP4rsbPQV%2BviR3R%2BS2TgiJQmax4TYu%2BGhxOV91oB%2BjtUTDY%2BJaWqMYtVvkFEY2O732tfTJB%2FEgmRUwE4PQpBAES28FVae3ZbNFeqmkFYa9Abs6oHbNgB1T8VwjcTAr3uznJcksX3u4wcchpldGy7f1f%2Fe3HE9rWH9%2FFs%2FX7%2FmwpyO7xxP24TRO
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_310
Value: H0eCePZHYKqpHbQzR42fHIsP
.id5-sync.com/ Name: id5
Value: b2ff364d-f923-76b0-ae7a-f11036325791#1702560172303#3
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1703808000%3A35%7C1703721600%3A21_176_54_234_55_240_56_233_214_238_104_178_7_5_231_8_249_46_3_264_165_81_220_71_166_96_243_22_48_250_13_99%7C1703376000%3A63%7C1703116800%3A223_2_15_38%7C1705104000%3A224%7C1707696000%3A69
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8616657b-01af-4e00-8f0f-56f36e2239ec
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMjU2MDE3NTAxMCwiMTUiOjE3MDI1NjAxNzUyMDMsIjM5IjoxNzAyNTYwMTczNjk5LCIxNyI6MTcwMjU2MDE3NTE4MiwiNyI6MTcwMjU2MDE3MzY5OSwiNjQiOjE3MDI1NjAxODE0NzF9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-102ccb58-8ace-429b-80ca-7458bce78d64-005%22%2C%22nxtrdr%22%3Afalse%7D
io.narrative.io/ Name: io.narrative.guid.v2
Value: e7c6c1e0-9a83-11ee-9828-02e4221a2b5f
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&KRTB&17107-RX-102ccb58-8ace-429b-80ca-7458bce78d64-005
.quantserve.com/ Name: d
Value: EKcBGgHUKvijDCDsvLEL7iA
.server.cpmstar.com/ Name: USER_ID
Value: %cc%c7E%f0%10%08%fc%0cWq%1axe%a1%92
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7558465811446236429P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-dae20180-897d-4967-862d-184aeca4dd29
.c.appier.net/ Name: _auid
Value: zTIyQveBA8eDRC-WtQF7ZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-zTIyQveBA8eDRC-WtQF7ZQ
.pubmatic.com/ Name: PugT
Value: 1702560182
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 12
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1703116800%3A252_253_265%7C1703548800%3A257%7C1702598400%3A255_248%7C1703721600%3A236_260_228_226_219_201_261_258_263_259_256_262_245_235
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1702581784524
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIyNTcwOTA4MjQ4NzUiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMzowMS4yODU5MDA0MDdaIn0sImFkZm9ybSI6eyJ1aWQiOiI1NDYwODE4Njg1MDM2MTExNzgiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1Ni4zODEwOTEyNTJaIn0sImFkbnhzIjp7InVpZCI6IjcxMjQ4NTcxNzk4NTE3MzQxNTQiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1NS4wNzY4NTgyMjFaIn0sImFteCI6eyJ1aWQiOiIwYTg1YzFhMi1mNzdhLTQ4MmYtYjUxOS1jMzQ0ZTA1YjY0N2QiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMzowMS4yMjc5MjY4NjdaIn0sImJlZXN3YXgiOnsidWlkIjoiQUFDYk5VN0s5Z01BQUJMcWd0SzU2dyIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU4Ljg4MjQ2NTE0OVoifSwiY29udmVyc2FudCI6eyJ1aWQiOiJBUUVMT0U1djY2M2V3QUlGOXpnTEFRRUJBUUUiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMzowMS4xNDkxNDEzMDNaIn0sImZyZWV3aGVlbHNzcCI6eyJ1aWQiOiJiZDZkOWI4NWQwMTYxMDQ5MTdhMzc0M2U4MjJmM2EzNyIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU1LjYyMDkyNDM0MVoifSwiZ3JpZCI6eyJ1aWQiOiJkYWUyMDE4MC04OTdkLTQ5NjctODYyZC0xODRhZWNhNGRkMjkiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMzowMC45MjY0MzA0OTNaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImNkMTM0N2UzLWM1MDItNDU0NS1hOGViLTY2YTNkYzczNjI3MyIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU4Ljg0MjkwMjg5MVoifSwiaW5tb2JpIjp7InVpZCI6IklENS1kM2ExZFJoUnNmclZ2dUp3bklrT3owWTFVN0YyWmZfaXZPenpseFpjNGciLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMzowMC44NTkwMjA1NDNaIn0sIml4Ijp7InVpZCI6IlpYc0JyTGtwYm1nTGdxLU42cThURUFBQVx1MDAyNjEzMzIiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1OC42ODIyODAwNDVaIn0sImthcmdvIjp7InVpZCI6ImU0NWU5MWY3LTgwZGMtZTM0NC0zZjY2LTM4ZGZlZDZjOThmMiIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU5LjAyMjQ4ODY5N1oifSwibWVkaWFuZXQiOnsidWlkIjoiMzQ1NTYxNzcyMDgxMzM3NDAwMFYxMCIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU1LjU1NDYyNDY4OFoifSwib3BlbngiOnsidWlkIjoiYTU2ZjRiYmItMGMxMi0wOTAxLTBlNWYtZTI1MDgzMDQ4N2UzIiwiZXhwaXJlcyI6IjIwMjMtMTItMjhUMTM6MjI6NTkuMjQxMzk2OTg2WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJGQzZDQThDNy0xRDBCLTQ2OTMtQTM1RC01MEFFOUNGRTA3M0IiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMzowNC41NDQyODg3NjNaIn0sInJpY2hhdWRpZW5jZSI6eyJ1aWQiOiIzZWRjMTE2YS02ZGIwLTQwMTgtYjEyNy0xenoxNzAyNTYwMTY4IiwiZXhwaXJlcyI6IjIwMjMtMTItMjhUMTM6MjI6NTguNjMyNzU0MjUyWiJ9LCJyaXNlIjp7InVpZCI6IklCZzRvQW4tQ3BfcyIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIzOjAwLjIzODM4NzQ5WiJ9LCJydWJpY29uIjp7InVpZCI6IkxRNThEOFRFLVotS0YzNSIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU5LjM0MzE4NzEwMVoifSwic2hhcmV0aHJvdWdoIjp7InVpZCI6ImU0YjllNTk5LTBlNmQtNGIyNi1hOTRlLTBkZjJhNzVlZmM4ZSIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU1LjIwNTEyMzgzOFoifSwic21hcnQiOnsidWlkIjoiNzM4NzM0NDM3NjcxNzM3ODA3NCIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIzOjAxLjA3NDAyNDY3OVoifSwic29ub2JpIjp7InVpZCI6IjRmMWRlNzBmLTk4YjUtNGYzMS1hNTVkLTc4Zjg1NWE1NzMyOCIsImV4cGlyZXMiOiIyMDIzLTEyLTI4VDEzOjIyOjU1LjE1Nzk4OTAxWiJ9LCJzb3ZybiI6eyJ1aWQiOiJIMGVDZVBaSFlLcXBIYlF6UjQyZkhJc1AiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1OS4xODkzMDAzNzZaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMTE5OTQyODM1MjY4MzI5NDU2ODY4IiwiZXhwaXJlcyI6IjIwMjMtMTItMjhUMTM6MjM6MDEuMzQ5NjAwNzJaIn0sInR0ZCI6eyJ1aWQiOiJhOGVhYjZkYi1mMTAzLTQ1N2YtYmVkOS00ZTQ1YTA3YjM2NzEiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1OS4xNDEwOTg0NzFaIn0sInVucnVseSI6eyJ1aWQiOiJPUFRPVVQiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1OS4zMDc2MjYwOFoifSwieWFob29zc3AiOnsidWlkIjoieS1GWFJfZW1KRTJ1RXFvMTRRcU5IeldaRE5xUWI5akpLeUc2d3FFMUEtfkEiLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1OC43OTQ0ODA2MTJaIn0sInlpZWxkbW8iOnsidWlkIjoiM3ppRFh5eUdHRHlCZUhIcUI5RG0iLCJleHBpcmVzIjoiMjAyMy0xMi0yOFQxMzoyMjo1OC45MjQwMjM1ODlaIn19LCJiZGF5IjoiMjAyMy0xMi0xNFQxMzoyMjo1NS4wNzY4NTUzMjVaIn0=
.agkn.com/ Name: ab
Value: 0001%3Al%2FkJnOhs2NgLAHRVyr1U7JOjEiPY4NRU
.semasio.net/ Name: SEUNCY
Value: B1FC6BD82EF1B099
.onaudience.com/ Name: cookie
Value: ed5e970f381e7905
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIipqT67msvjwQBRIUCgV0YXBhZBILCL6LoOy5rL48EAUSFwoIcHVibWF0aWMSCwjOnunsuay-PBAFEhYKB3J1Ymljb24SCwiIg7Lwuay-PBAFEhkKCmxpdmVpbnRlbnQSCwiYtZr7uay-PBAFEhYKB3N2eDl0NTASCwiY2dmFuqy-PBAFGAEgASgCMgsIyP7kkNGsvjwQBTgBWgd4a3N3OWxhYAI.
.audrte.com/ Name: arcki2
Value: al9qoRv4pceS6e19O1DoNgrdg!20220908!1702560184820!ip#5.181.234.133
.audrte.com/ Name: arcki2_pubmatic
Value: FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B!20220908!1702560184820
.onaudience.com/ Name: done_redirects219
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: al9qoRv4pceS6e19O1DoNgrdg!20220908!1702560184942
.zeotap.com/ Name: zc
Value: 61aeb2ab-3ec0-4eff-4f38-e3822efaa746
.zeotap.com/ Name: zsc
Value: %AAE%F1%10%B3%F5%24%5C%17%15%85u%FAD2%97-%06%9Fg%E8%17%14k%E5p%9A%87%B4%94H%B3%05%2B%16bz%F8X%83%60z%93q%1FQ%D3X%2B%EE%C3%1F%EF%A7%22%D5%BD%CF%9EX%80K%A2u%A1%5CM%AD%E7%C0%B2W%03%BA%8E3D%A0%A1%D6%97+%A9
.audrte.com/ Name: arcki2_adform
Value: 546081868503611178!20220908!1702560185457
.pubmatic.com/ Name: SPugT
Value: 1702560186

13 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, microphone, midi, geolocation. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20FC6CA8C7-1D0B-4693-A35D-50AE9CFE073B&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=4f1de70f-98b5-4f31-a55d-78f855a57328
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://cds.connatix.com/p/397463/402.js
Message:
Refused to load the script 'http://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D4235b744549846ab93810afb46e7b692%26pname%3DIqZone%26api-tier%3D1%26uid%3D%25USER_ID%25&gdpr=0' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://static.adsafeprotected.com/sca.17.6.2.js(Line 31)
Message:
Refused to load the font 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:".
javascript warning URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.service-web-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.service-web-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cds.connatix.com/p/397463/connatix.playspace.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=7387344376717378074&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
security error URL: https://www.theguardian.com/world/2023/dec/11/forged-documents-how-ukrainian-grain-may-be-enriching-putins-circle
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=RX-102ccb58-8ace-429b-80ca-7458bce78d64-005&pId=44' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ad2.360yield.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.twitter.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.intentiq.com
api.nextgen.guardianapps.co.uk
api.permutive.com
as.jivox.com
assets.guim.co.uk
at.teads.tv
b1h-euc1.zemanta.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bpi.rtactivate.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cae8c2ea28e3374f652de81f8b96026c.safeframe.googlesyndication.com
capi.connatix.com
cd.connatix.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.indexww.com
cdn.permutive.com
cdnjs.cloudflare.com
cds.connatix.com
ce.lijit.com
choices.truste.com
cks.connatix.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms.quantserve.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
connatix-supply-partners.tremorhub.com
contextual.media.net
contributions.guardianapis.com
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csm.va.us.criteo.net
csync.loopme.me
csync.smilewanted.com
d.turn.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
de.tynt.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.mediavine.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.ctnsnet.com
i.guim.co.uk
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ins.connatix.com
inv-nets.admixer.net
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
krk2.kargo.com
lit.connatix.com
live.primis.tech
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
ophan.theguardian.com
ox-rtb-us-east4.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pbs-cs.yellowblue.io
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-s2s.media.net
prebid.a-mo.net
protected-by.clarium.io
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
rbp.mxptint.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
rubicon-match.dotomi.com
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
sourcepoint.theguardian.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.resetdigital.co
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.co
tags.crwdcntrl.net
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usr.undertone.com
va6-bid.adsrvr.org
vid.connatix.com
visitor-us-east-2.omnitagjs.com
visitor.omnitagjs.com
vop.sundaysky.com
wt.rqtrk.eu
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.theguardian.com
x.bidswitch.net
xsync.iqzone.com
z.moatads.com
ad.mrtnsvr.com
ads.servenobid.com
ads.stickyadstv.com
as.jivox.com
capi.connatix.com
cdnjs.cloudflare.com
cds.connatix.com
cks.connatix.com
cm.adform.net
cs.media.net
csm.va.us.criteo.net
id5-sync.com
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
rtbc-ue1.doubleverify.com
vid.connatix.com
xsync.iqzone.com
104.117.182.209
104.18.38.76
104.18.41.104
104.22.69.131
104.244.42.67
104.244.42.69
104.36.115.111
104.36.115.113
107.178.254.65
107.20.138.145
107.21.52.231
13.225.195.23
13.33.17.200
134.122.57.34
135.148.2.56
141.94.171.216
141.95.98.64
146.75.36.157
147.28.129.37
15.197.193.217
15.235.42.104
151.101.130.49
151.101.65.111
159.89.246.130
162.248.18.34
162.55.233.28
165.227.251.217
172.105.199.172
172.217.13.194
172.253.115.156
172.64.144.78
172.64.146.152
172.64.151.101
173.231.178.77
18.207.78.168
18.215.67.38
18.239.225.14
184.86.146.172
185.167.164.39
185.167.164.43
185.184.8.90
192.132.33.68
195.5.165.20
198.148.27.131
198.24.170.28
199.250.162.129
199.38.167.131
20.127.253.7
20.40.202.2
207.198.113.86
213.19.162.80
213.227.153.220
216.200.232.249
23.1.200.83
23.105.12.143
23.105.12.170
23.108.103.8
23.220.109.13
23.220.110.24
23.51.57.155
23.56.162.28
23.56.163.106
23.56.163.154
23.56.220.66
23.88.86.2
2600:141b:1c00:f::172c:c9cc
2600:1f18:1aca:4282:43b2:9ac0:b6a1:39c2
2600:1f18:4e9:5a02:66d2:da85:8248:ed74
2600:1f18:612b:4232:d668:fd9c:9cad:2b9f
2600:1f18:ed:550a:cd25:a651:9c8e:3acd
2600:9000:215f:fc00:8:48e:53c0:93a1
2600:9000:21a2:3800:1a:5235:f980:93a1
2600:9000:21a2:f400:1b:6b7d:2300:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:1957
2606:4700:20::ac43:4842
2606:4700:4400::ac40:90a6
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6811:7711
2606:4700::6812:18ad
2606:ae80:1471:1c::2010
2606:ae80:1471:1c::2100
2607:f350:3:2569:0:10:0:200d
2607:f8b0:4004:c0b::9c
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::2006
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a04:4e42:200::367
2a04:4e42:600::367
3.162.1.135
3.162.3.119
3.162.3.25
3.162.3.33
3.162.3.37
3.162.3.51
3.162.3.74
3.162.3.79
3.162.3.89
3.225.218.10
3.230.74.156
3.92.120.184
34.107.140.113
34.107.148.139
34.107.254.252
34.111.113.62
34.117.228.201
34.117.239.71
34.149.50.64
34.160.19.107
34.197.219.74
34.202.194.6
34.205.215.181
34.251.97.118
34.95.113.183
34.96.105.8
34.96.71.22
34.98.64.218
35.169.93.15
35.173.52.203
35.186.193.173
35.194.66.159
35.211.118.13
35.211.178.172
35.211.81.111
35.214.138.188
35.227.252.103
35.241.9.51
35.244.154.8
35.71.139.29
37.157.4.28
38.68.201.140
38.91.45.7
38.98.69.175
40.76.134.238
44.197.22.251
44.198.25.64
44.199.51.202
44.216.234.174
45.137.176.88
50.31.142.63
50.57.31.206
51.222.39.185
52.0.187.21
52.1.92.31
52.14.231.222
52.19.137.36
52.206.176.4
52.21.58.192
52.22.12.118
52.46.128.147
52.72.18.3
52.72.183.95
52.86.134.182
54.156.158.209
54.157.57.36
54.166.150.36
54.192.51.126
54.192.51.46
54.209.94.68
54.210.243.216
63.251.114.137
63.251.28.233
63.251.86.51
67.202.105.23
67.202.105.34
67.220.228.201
68.67.160.114
69.166.1.64
69.194.240.13
69.90.254.78
70.42.32.127
72.44.36.234
74.119.119.139
74.119.119.150
8.28.7.82
8.28.7.83
8.43.72.97
8.43.72.98
82.145.213.8
85.114.159.93
96.46.186.182
96.46.186.59
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0642b73160450089f5a5363ff92d696f5d3b4a64d8eaf8d96619ae0d2b1561fb
06add7ea48455de92086b4abfb97bbf4596db5dc65f63d51e5ec8660088aba88
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0727261693494ddef8482746e4fd62fbd98291a65086dae5b3b47755184adf03
078b04768681dc7671533ab48a20524ec50df22101170289c91e64cdceb2d10f
0939e1aa08e9178f41a836a10f5dab1f16ec260160c9a8369c03cde3e2345497
0a714f258753b7a09ae84dd3bf9507add8a29df7fb721f676bcd6a3ad1989c0f
0b11fc94fb25257e469cd3c0bcb2971bc4ea615bc3240d4cf07923d18c88b09b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc2b1f83f9fc9e36466385450de81b0d6bbbd65b426d842e0ddb6e419016761
0eb12f9276a02fa066eb6daf7ddbaad28c4fd2d4f4312756d7941ed1e854011d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f0c4b39d863ac2ca20e15b9ee2a177c5fea8e6b61c5065470c150a7280d39f7
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
0f6908f38a27d627e119dfa1384d3882a3b3a09ec8aa57c1edc25985d941debd
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
139c8b3770d40c79c900930e9994fb307009f405e82887215a625fa1f7dd1fc4
16b1965919373fecd13455a5aeb9278934d63073fb07a1b5479c93a6eaf4889f
17f03de576206e874d21996dd09f787469df59318e5b558151297de1a2a0844d
17f4e117bfb268b55154ee18408566ea1c05525b30eba1370f360d7d52bd0776
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ae91ca51ea7341addb394168e7b47600185785e94f7d505e445e5c078a5743
1a08c08bf299b0eb67896eb83423e775d6066f44620154b7e420943e261a2f36
1b34f152be9116ba656be742c0e08a70f30f81b189bf5d57dfb56b5878430597
1f0e518110ff1a2ac91e0f40f99b7bb57554cc13e94a12f29bd6c46b6495fcea
249c7a199e4e8343db9c98a5cc5a2133fbd6bbd6270a250437240a9e4d745d90
279ff7f14f09778108224328f37a60f2bb826e0755173d13097839c6e4952dde
27eea70665fef2ba5f8a24edeff2f9f714f977fc221b8db54a725431dd8aaf3c
28083ad830d5e89eb9a3cac1a2d720f570e31f88615431a2b0b812787d692242
2959a5ab1fc0a80f53c3fbaff679b571b507634b321234070b38c93df622d004
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2cca67a2e1a9dc8165eaabe9a6aa873d90ecf2423ba7cfba6ff86ba0ea01a7f1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30172ddbd6ccdd6ecf126dfe6eaf5de7ec7c4480b1cc3b18103936b0bb7d6246
310d40a861dcd3b164afca5b7b8df8261ef18b574c2033542c28fa09c9b0912c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33d1f978b78978fba1eb9e7bc1f1b04b2dfce9d64b18f5c7f359af2a058049df
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3bb30804fbe6f0483929507387bfa0bd67e4dcd4d1d38ae70db6e66991910d8b
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b86416cb76d67743689e818c5a10791995ddc42898f9e6bc0164dcb08e8443
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466d775c3996c8b1412163ecd9f35a9659ea329d68e73e471b0e6ea64b7bee92
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dc17b11ef6a9fa67649add34061751f8110e954562b3c36d3b67730f167c50
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
47242098432885ff6449fd864249bf66f83d665577c76d97d98873087d9f0168
481238ccaa6be60d923897b147062e1fb4bce42e604b4d0a8649ef2df9d58ceb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498e7260d21d1b9ccc2d4e00f27a9852c066978712e91191fa9d8de7a12310cd
4a06a2473fc94728ac6d550c64832a8eff5937fb7a0a59a5ce9e64f760a79364
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5170f5938c3235fee72ca7d39b999d2744f494befd9ec7f1492e0fb5080047
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee6778a3a28827f92e64a5658fbc6ff6eb7bf8c1b8db54cfc7c90d3e67d610a
4ef9cb4cabe6655c921f9dd6ad5788b04d4e7a7e1a169ef3c08ab7a88d2819a3
4f3d315c93c004d53b1197076ffccbeff783959d4f673ea8b8e26384d7d5f9c1
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
5067e99790cce7ccec59d19beb3bdf0610003f8b4effe7738ed7e7f249d1383c
5105a671b848a36111043b2f18410e4cd83d59d468bec58f09b53fa9ed299ab2
5110dab7d83f6e73ee729877678cb0f2ab8aa5bddefa4e606fb6899d8e40ae2f
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
535b7a0cbfd2db5e7f845b4c974f3f9fe274421d8cba0ba1d2fe967420f1e00b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d7fc75d8c7e54b6b34d014e063d4f915fee3601d9351fa7028ec0f1f2b729f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e2c5c89de988c79731bfbe97bec7440875994bf99aabb74d3faf0a91ba8ed2
57a75b155309184c87f7679c50ff7f797a7ba4db6a22b6e0da0db47426a9522c
582447baaf731c15588f4584c185e3c710314be317fb363ef60788d9e0fdc550
58e982b16f79e3f1023a7f0abeb537d812be57ebc0c98ca4321be598138655b8
5a0365ea722c22a5e151beceb2a6010f5e22ac4c65db2bb43fa20d7a83fca3d4
5a9e922e1bd8eaf0540e82944501086d2a843c5b52b42a83d15f28f10dacc561
5abbb193961a4a7b0af255f4a2fc329d0c73214dad6f7cd8b2963a938bc57699
5bec15d928cc12789dbd1267a16c8b9b57e6ba2a9a51b4ce411bdcbb53fa73ba
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
6143960c81b8ce68e0c9280210e21fa1d82cec497ff89ce6afc63cd9ace67149
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b838a3e0936f72d25e0ba795bbe56fec047bacf36798562f2d5b2dc56520cb
6327b57b399830c9276d70f63c681b62f20322dcc12bda2abaf0a258d32fdb7a
636f9977a81d6d9fdc5805f871fe07e8c990526511384a0c757cc5456708ad81
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
699ccd961602dc8103dc1311b28b2b86f7705b54916598848c6d2d2fe81fa59f
6a3d1aa57f151a682618cb698ae2ec646edbe2b3c6c1bdaafaa4d58272156bcf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e0a84d43913f46215e1da913b01e7774e2a352056e8d6bfb49fe05eb550f4f9
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
6f2c590c5d4dee64206111a72cf45255c24b82e2de4e85518a723e4607562464
7061a231754256284569c8a443c965b6a3a96ed9369a71cb94c6a2a0f18242c5
718ac0d880e16881a119fff165c223f3e6453b1a89d003d8212efb673e9602cf
720f0a74e2cc8185b6d3a809a8abdd1539e2139420b36464f6caa8eede0d6d16
72775823b8411175a3070d86f5f034b784237eb696829a57802ebffcf43d5497
728b35f39180730c1c8f410a062daa8cb6af8f1f0b895011d4bf75ab54c6971c
73236c4e77aeaaed4ab91679ae7380c1f82d6137e922ae19d4bf6529cd440f5c
732693f538e4d28b2bc0b7d7bff40f84effaec15b151a40393bc376e673e1298
73b9f3bb538d95e8124d9971e793ea0f104fa3697bf2412e51f5fdf6bb206782
7581713c707c3b7ebb99449c3c6b3987ecc54a67cd50c9a0de5474a9851c347a
7612110c48f5cb56d11ce57bfba4a7f85fb4a3861b9e6aec6b674ead5e78d590
763ed5024812d5332db786f5e5558c3918acd536df31bb43226dddd0951b129a
76c3fb29e267003bd5112a42450f3d525f62ad4f8ec8e4199ec4955763d61e25
7880671c90edb64973b62806daa999697e566cf3899f2db747c772c70ffe521e
7a1f6dc2ce8d25a1592c827f4d20c3aeaef160aa84f2dd6b313e5c22afbbfcef
7b0583396299e814ee9e08bfd54eba2fbe9dee5aee3ce01f683e4a5b68c8bc9d
7c7c877d99de88d1191c44385c76d8a7165de72da9126c9ac8b8dfee948d5251
7d1d11a0463eae5991d3cb6e4bec84d5c115e5a5ea0e713f8704eb08456824c4
7df2a80425f1f1fcbfcfa5f127fe17c548a8fbdc079bcdadcae97f1840b44463
803dccff1029f499d8beea0653504c753683fe84df1d08a078335ce54c7f0519
81dd351bcd437894cb1d90c09e1d986df5e41e3d0003aa62fbf8d822be580809
822feca014bdfbe94094d5ca6918b7e85a60a44dab70daab5122549183e348b4
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83a01d18f4dabb33b45461cfb7f0a51b709ebec1f2eec81fd3702bf59ada376f
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85d38ac3a282923f07d5f681a7fbf77a90007c74786ba7347fa2c7fe5af9dc00
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2
87feb8f4751667f3f38b7dd642a374f1d3627ae96f767c9d37aa3147040aea8d
899a432398194bc8c16ede42c087231946974337e7d9e0b5ea575224b78f0e67
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90738bd6a083bb0bb11633a2bf01ddf303e3f727c65292564e57482f22156587
915d207d227803e976fc7ea8180249af56242e5b87a06662c893288150d95785
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed
92b964d79a888f7546c1481db3bacdc0f67ecaf0abf87719f2bf150fda937a0c
95d03ed67a6bd4ef80ad450f24341d931c35ba97920a266cdb12b188b3fda431
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997b61e35494b3e15e599aee572ac9efdd793cbcb1b7001029c233d762294820
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9d63f1f37aa8938a46b6244133ac428f0bef4145993d42f8d7a7f73a8c1b3920
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3b1b771ce803e15c41a2f1e304ae045e7959cd2c90a432099ca79ab66fa35aa
a453ade31af0118629c4b7686eaae4e4248a1768b707e033d8d0f4eaf177c01a
a52730d26ed6560263b6cec4cef999ca09b673532a82bc73793e20d3ad1e642f
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
a8e5f40d76ef90cdbb820a45b56cd9d2ac7a89882d2d762d33c200ad7484db01
aadf2fdd0fcb02dd08b4160905bc3fa1fdaaef1e145ddf28ef8074f6fd1dca5e
ab17be372bef91eb0e542a362ad0781ec3ad8e31bbcc606dafbbd38f6e618d70
ab3a89997961b41cd20b53ab49cf5c88581a05139535f73e3406a995f7b9d4f3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac989f0c974de2c69248ca05c4edf0653d4f9ca4376c583996f3763aaeb2b86a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
addffd9bac0c33d0b0847fc7366cd8639b5f71158773a8bff474f8d48b64431a
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17413ddcc6c581ad591d8b6c8f80d05af6d7be74c7230a1397a9dff66fa91c6
b251135217e82004055c8d38fbd0cf9c378d25fa3e5d4549c26d666abfc1f3c1
b25ca687a2296148bc253cbf897dfce0285188588a79501d9de4176e875a74d3
b464761105661d7112fdeade9f9c6b8ab64ff68044de5e9a81e13cd2eeca1953
b4a0d8f313f50b66b27884637e505ac21cc083506b3c72b06f3e2faffe40b7b2
b57980a63fed50b368d20b35293283fce3a923a8fa07bbf6fd0abe695caf04de
b677cd181c01dfb61199e7c5e3a82538d4dde1871363c845fc895e2fc8369996
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bc2aa378b67ab3bbc6a2529836c990747f5b3eac4114cdc2d32456ab1cdaff6a
bca44740e44f520ac56fe6f6f8ebd49c76dc191caf5ec4b45344552ef94f2bbd
bde26e24f51f1a3d2089bce22539ef56f3ef561cef93dce4a0ebd09bd180cf89
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
c06ea009bf34e09ef04a1544433e342ad5217dd69fc8a3e4ec97d46cc66ad0e3
c0da3f5dc9897d38decf5bff94b3c306fb265095b2c7f5be53a8800162dc5a9c
c1389825145451a1581f79b2b7afd5922778ce7fae8a435321dc7cc1c705eb4d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d034f935f7a855ef11c1eb539c155aeb31a7fa59932aec205c9e5f7564d26b
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3ef5936e463333e973ee8b485a76aaeb023870b84ae82c9aa0996704b9e65ff
c4194612af08eaab32d729c64ddb664bdf3f071543de3f54e1763095fa802c64
c4e602e23c2b970b4e8f0779be73bb7e3090b9cdca503496a6208f8e9b8a7d98
c5b24551298533a8152d2db58c044f24d04ac58a526d1ad6d3f81bc3159a9cac
c66cfd953713a3729fdc6bc7c851cec6c442190339cdcf3a52b8d70968d91b24
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
c734b36bcaf51d353da1e63321d1a5e9fc293745d05edc0b8a15482b8c1d1d5a
c7464e05d697159cf7654efffc31a1c5ef2f50a1ab8151ab8812249b7d2ac810
c9f495ef9692017a494270ccf46ad499054d480e2d033f3331ead79d74674bc8
ca2da895c1f36a21ee5b378739948d654880ac639753d0404ce214dfd5d45ceb
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbed55709808bd73561495adc0c1dc3bfec733542a5e657ec54f4ca9eab3006c
cc794a6799d94a229740dc280029bd81dd130c16715d0c9c47144fdfe92d447f
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1bf42c2df6fa95e0806bccd64191d78325514d758c455c0d959913a25d6a101
d2d6816ac95711958c94634e74d15a13e2a783ae5351f961a93a8498b59c4391
d3ccd5fb78b793c860b190121c8d4496bc376d68817e7f75e4be647b072ff56d
d6bcf8b4c72d4fb003cced12195d76155617d6ba5670a34976463dd713f10d83
d77827c58f8457e83a4a59cc44385e1e2bb45a2fcfdba8cb0c6ef90f9d5640bf
d7908214744d9ef01fb759b237b4e476d07bc96cc596bf317eeb9adb0e004468
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
d9d9dee38d8e7058d284407f0d1669329a3661c39de7ecf958fa4ba43f65d01e
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e037c0d2b4a5ae363995ac86729f974124be40ef386cd9d1cebe4039d2f7c001
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43637e65522ec6f32cb08985a2390e64ae9b11e9d2570e7ff75e1a1c57a621c
e4e18bdd70ea17a3e40eac85e0bb2e9ce103a05afd639aaaecc989afbb06d42d
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66df9fa5f71b735520901fd6e7b7ba02530d64b59920c19dda40e0ad2c22757
e6c5b38ce2d48f036319f0e0a002be10f874dcc69e4bd913844faf5634d5e1b0
e8cb0292ed3a3f2d4382308771165764fe738e8ce3a1fd45f193fb535dda1f54
e8d39965c81e016d83b6b373b30b1f259d4aed6d79d3cdfd99fd9f8858a2b319
e91ad6f3253b9d5b5a4584630b96830a38ce944284464a13a257edd3ab59bbfd
eba164d29edaa769c27058950325993f0d98d1906f30c391f49215d27b1b6dc4
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15bcf274786feb77bd2ae396919a38f47923658e17b099d7fbefcd3406b8a27
f2fdeaea05eed185b472f02c7a859e2031456638ea8748d5c2d62bd033a1e8ae
f6c40beb66956bca7971b24932b50613283275d01305d760808d2b2e1729483f
f9edfd024f05b4a0487ea636e0aa5ccbbb56593ac1b720a2135b09e6888e6bb4
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fc43353b343e42c71e67a602ae24a1981c1173d61a7ce9672dcd1b8da551e911
fe277335a22e94911e9aa863ab0b353ce0d2f86f61157aba823aa2e87b44176b
fe29711f1d7066750acd395af97506e959e3d9e99eee3dc2e8829e49993f968b
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1
feed015ad376d0af8833220b9a92c88331c067186e11b1db29fc3f6894a234cf