gzdfjspx.com Open in urlscan Pro
154.211.88.5  Public Scan

36 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

• https://www.google-analytics.com/r/collect?v=1&_v=j80&aip=1&a=440800040&t=pageview&_s=1&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEDAAUAB~&jid=941176925&gjid=685450005&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&_r=1&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=106557211 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_gid=46876360.1581084283&gjid=685450005&_v=j80&z=106557211 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_v=j80&z=106557211 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_v=j80&z=106557211&slf_rd=1&random=3344430351

Request Chain 102

• http://secure-au.imrworldwide.com/v60.js HTTP 301
• https://cdn-gl.imrworldwide.com/v60.js

Request Chain 103

• https://sb.scorecardresearch.com/b?c1=2&c2=6035250&comscorekw=Network%20Front&ns__t=1581084282798&ns_c=GBK&cv=3.5&c8=%E5%BD%A9%E7%A5%A8%E4%BB%A3%E7%90%86_%E5%BD%A9%E7%A5%A8%E6%80%8E%E4%B9%88%E4%BB%A3%E7%90%86%5B4.1.8.5%5D&c7=http%3A%2F%2Fgzdfjspx.com%2F&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&comscorekw=Network%20Front&ns__t=1581084282798&ns_c=GBK&cv=3.5&c8=%E5%BD%A9%E7%A5%A8%E4%BB%A3%E7%90%86_%E5%BD%A9%E7%A5%A8%E6%80%8E%E4%B9%88%E4%BB%A3%E7%90%86%5B4.1.8.5%5D&c7=http%3A%2F%2Fgzdfjspx.com%2F&c9=&cs_ak_ss=1

Request Chain 118

• http://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1581084282932&ci=au-guardian&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fgzdfjspx.com%2F&sr=1600x1200&tz=1 HTTP 302
• http://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1581084282932&ci=au-guardian&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fgzdfjspx.com%2F&sr=1600x1200&tz=1&ja=1

Request Chain 133

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213059d234a6c77b%22%2C%22pid%22%3A1116421%2C%22tid%22%3A%221f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213059d234a6c77b%22%2C%22pid%22%3A1116421%2C%22tid%22%3A%221f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D

Request Chain 150

• https://secure.adnxs.com/ttj?id=11604344&size=728x90&promo_sizes=970x250,900x250&promo_alignment=center&pt1=http://gzdfjspx.com/&kw_pt1=http://gzdfjspx.com/&pt2=int&kw_pt2=int&pt3=network-front&kw_pt3=network-front&pt4=ng&kw_pt4=ng&pt5=international&kw_pt5=international&pt6=&kw_pt6=&pt9=|k6c8rbyvd8fz86y2ficr|||top-above-nav&kw_pt9=|k6c8rbyvd8fz86y2ficr|||top-above-nav&pubclick=[INSERT_CLICK_TAG]&custom_pub_data=k6c8rbyvd8fz86y2ficr&cb=1373392961&pubclickenc=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuyMUD755tU9NfCwm4NrU7lVKWHDf2dbE71SAJ4sqhUPQ9y_ca6SGLXCIa28Aqv7IeYi6AfnAKyiKwhH1YnT6NNFMQ10lBHtJJttXBlRYLE3xd8uSbm7RWQesNqQBC5H_oz3cO4SGwcgIhd2yWeZVGAjTcSLHkO8zZS1Dea5tPtIUcV86h0SYgwJFUuoYKvyEE02Xf99beCnvVIczS1xNlMs85041j7-r54eymaM1CYr8k0k2ngrkuoCCPc6fiG3Xjv6ygC6jIZ_SR2qk2tQVpz8XcbagFjbiM%2526sai%253DAMfl-YSjdd902RCfSPNmOLZ3dH-SANcv_hYryVUAAQwnFl5_qewtd1ieYHux_qQ2qIHB6YEGIJyde_dqvwdLGAA9NYKzFyTYnR1uspNUkJqF%2526sig%253DCg0ArKJSzA1345hqAh13EAE%2526urlfix%253D1%2526adurl%253D HTTP 302
• https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D11604344%26size%3D728x90%26promo_sizes%3D970x250%2C900x250%26promo_alignment%3Dcenter%26pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26kw_pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26pt2%3Dint%26kw_pt2%3Dint%26pt3%3Dnetwork-front%26kw_pt3%3Dnetwork-front%26pt4%3Dng%26kw_pt4%3Dng%26pt5%3Dinternational%26kw_pt5%3Dinternational%26pt6%3D%26kw_pt6%3D%26pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26kw_pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26pubclick%3D%5BINSERT_CLICK_TAG%5D%26custom_pub_data%3Dk6c8rbyvd8fz86y2ficr%26cb%3D1373392961%26pubclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuyMUD755tU9NfCwm4NrU7lVKWHDf2dbE71SAJ4sqhUPQ9y_ca6SGLXCIa28Aqv7IeYi6AfnAKyiKwhH1YnT6NNFMQ10lBHtJJttXBlRYLE3xd8uSbm7RWQesNqQBC5H_oz3cO4SGwcgIhd2yWeZVGAjTcSLHkO8zZS1Dea5tPtIUcV86h0SYgwJFUuoYKvyEE02Xf99beCnvVIczS1xNlMs85041j7-r54eymaM1CYr8k0k2ngrkuoCCPc6fiG3Xjv6ygC6jIZ_SR2qk2tQVpz8XcbagFjbiM%252526sai%25253DAMfl-YSjdd902RCfSPNmOLZ3dH-SANcv_hYryVUAAQwnFl5_qewtd1ieYHux_qQ2qIHB6YEGIJyde_dqvwdLGAA9NYKzFyTYnR1uspNUkJqF%252526sig%25253DCg0ArKJSzA1345hqAh13EAE%252526urlfix%25253D1%252526adurl%25253D

Request Chain 223

• https://i.clean.gg/1a HTTP 302
• https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json

Request Chain 269

• https://eu-u.openx.net/w/1.0/pd?plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 HTTP 302
• https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1

Request Chain 274

• https://eu-u.openx.net/w/1.0/pd?plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 HTTP 302
• https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response gzdfjspx.com/	885 KB 147 KB	1099ms 1065ms	Document text/html	154.211.88.5 ITACE-AS-AP Itace...
General Check archive.org Show headers Download Go to Full URL http://gzdfjspx.com/ Protocol HTTP/1.1 Server 154.211.88.5 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK), Reverse DNS Software nginx / Resource Hash 0fb4f6126e44ef3d13d9ee36729c953246faf67b8d6673ee465924c2ced23bc1 Request headers Host gzdfjspx.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Server nginx Date Fri, 07 Feb 2020 14:04:41 GMT Content-Type text/html; charset=gbk Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Set-Cookie PHPSESSID=e8usu60k6t4bpla8g3j1hgo81e; path=/ GU_mvt_id=99657; expires=Thu, 07 May 2020 14:04:41 GMT; path=/; domain=.theguardian.com; Secure GU_geo_continent=AS; path=/; Secure GU_mvt_id=671011; expires=Thu, 07 May 2020 14:04:41 GMT; path=/; domain=.theguardian.com; Secure GU_geo_continent=AS; path=/; Secure Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip
GET H2	200	facia.garnett.css assets.guim.co.uk/stylesheets/70b6d611ecbd2afe48210adc68a85631/	271 KB 40 KB	22ms 6ms	Stylesheet text/css	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/stylesheets/70b6d611ecbd2afe48210adc68a85631/facia.garnett.css Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7be393d23627f9f87a828763b516381dd4332e8eaf886d298134ed59d3dd2bea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id vGRXlL2xOEaRSunIWYaqUojOjSyF6Ewn content-encoding gzip age 267880 x-gu-debug-url /PROD/frontend-static/stylesheets/70b6d611ecbd2afe48210adc68a85631/facia.garnett.css x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 40732 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 UeCFu9lEH0GBapLzMbWERTiMr8LNQPwJxoHMNxoYwjoSIbh2p9J1YL+Fqig70Wo3iVwcGvVxDR8= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Tue, 04 Feb 2020 11:38:36 GMT server AmazonS3 x-timer S1581084282.207259,VS0,VE0 etag "70b6d611ecbd2afe48210adc68a85631" vary Accept-Encoding x-amz-request-id E3A8F73E875C379F via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type text/css x-cache-hits 2899
GET H2	200	print.css assets.guim.co.uk/stylesheets/34c092721cd48ba90dfa205824941d3c/	7 KB 3 KB	32ms 16ms	Stylesheet text/css	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/stylesheets/34c092721cd48ba90dfa205824941d3c/print.css Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e6f324299968c5ac0c142b7526edbf073b3bef16f418917faf49e5776f0949de Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id pzpxCkwUUlXmnZQOX2b6u3F75M.7g2B_ content-encoding gzip age 39578670 x-gu-debug-url /PROD/frontend-static/stylesheets/34c092721cd48ba90dfa205824941d3c/print.css x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 3035 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 lh6dZVY51SdqZIGqyzrJWsnWoYv/SLryE8eo1Au58fB5Cz65KKAcMJkUSsB/zNSTggDoc/LlXGk= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Tue, 06 Nov 2018 11:58:15 GMT server AmazonS3 x-timer S1581084282.207257,VS0,VE0 etag "34c092721cd48ba90dfa205824941d3c" vary Accept-Encoding x-amz-request-id C284552C53AF9C37 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type text/css x-cache-hits 39550
GET H2	200	polyfill.min.js Show response assets.guim.co.uk/polyfill.io/v3/	136 B 801 B	19ms 19ms	Script text/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6,es7,es2017,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry&flags=gated&callback=guardianPolyfilled&unknown=polyfill&clearCache=4 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c3c12e49aeb4e934de3ca51565409eabdd7833d2c95e1ca758a577af82b95153 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff age 7600848 x-gu-debug-url /v3/polyfill.min.js?rum=0&features=es6,es7,es2017,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry&flags=gated&callback=guardianPolyfilled&unknown=polyfill&clearCache=4 normalized-user-agent chrome/79.0.0 detected-user-agent Chrome/79.0.3945 x-cache MISS status 200 date Fri, 07 Feb 2020 14:04:42 GMT server-timing HIT, fastly;desc="Edge time";dur=1 content-length 130 via 1.1 varnish x-served-by cache-fra19162-FRA referrer-policy origin-when-cross-origin x-timer S1581084282.208980,VS0,VE12 etag W/"82-sPUYEzmxMTzNliv7GnOTfOxRRB0" vary User-Agent, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * x-cache-hits 0
GET H2	200	graun.standard.js Show response assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/	135 KB 44 KB	14ms 14ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2491d39d3fc5e33280c6c33c895168944705cae91d756079566d1b74899eddd7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id FTuf05Ss8wE6e0j7ZOyEAaOjoTOyBP2o content-encoding gzip age 13219 x-gu-debug-url /PROD/frontend-static/javascripts/1cc65aaccfa4fbba3775/graun.standard.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 44538 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 hYek6dd1z95ska2zhdqt4Hfv0/xyzMdHXm/cMbGwiXlnweY/vdFpxkU/aRyC/SROhMx0ZJPDx0g= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:12 GMT server AmazonS3 x-timer S1581084282.209034,VS0,VE0 etag "0fe2ae8810a6d612d5b342d3477d69de" vary Accept-Encoding x-amz-request-id 1F8A82AB4D94CD87 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 522
GET H2	200	5835.jpg i.guim.co.uk/img/media/d6d5dd61c13bb5af1e0c486437db111ed654f4e5/0_464_5835_3501/master/	24 KB 25 KB	8ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/d6d5dd61c13bb5af1e0c486437db111ed654f4e5/0_464_5835_3501/master/5835.jpg?width=460&quality=85&auto=format&fit=max&s=591dcad396947740ae1585792380bf49 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d149892d914b9ebaa7a67830c748d02d41bb07f90cb1548b5f0fdd1b6d1791fe Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 47650 x-cache HIT, HIT fastly-io-info ifsz=10319102 idim=5835x3501 ifmt=jpeg ofsz=24892 odim=460x276 ofmt=webp status 200 fastly-stats io=1 content-length 24892 x-served-by cache-lcy19238-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.237347,VS0,VE0 etag "q92i10+eRLbFJNhJyWQ3d619dWhCkh0PDNIveRq8mSY" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 134
GET H2	200	2280.jpg i.guim.co.uk/img/media/e645a96fab17d2415e43e278ef0850f2e31fbae2/0_144_2280_1368/master/	7 KB 8 KB	9ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/e645a96fab17d2415e43e278ef0850f2e31fbae2/0_144_2280_1368/master/2280.jpg?width=220&quality=85&auto=format&fit=max&s=73f45c14567bf7542f614caf73d5011b Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 55a82b3045cdf0f912cc33220696a83eb9a1f21d4a21defa1a2215bec4ddce07 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 5232 x-cache HIT, HIT fastly-io-info ifsz=1030867 idim=2280x1368 ifmt=jpeg ofsz=7536 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 7536 x-served-by cache-lcy19238-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.238652,VS0,VE0 etag "Lw2+Ex16sheRNoFdqFcc+d4LkTdIsfv4XievBIYEqMA" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 3, 27
GET H2	200	5635.jpg i.guim.co.uk/img/media/4da7d99ab56239a70cb927c2204ebbdd9d540689/0_219_5635_3382/master/	11 KB 11 KB	8ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/4da7d99ab56239a70cb927c2204ebbdd9d540689/0_219_5635_3382/master/5635.jpg?width=460&quality=85&auto=format&fit=max&s=cb54578516b12cb6ec863aa69bbfd3a4 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4ea3dbc27e4472916f6813c7685dfd175d43ef93c8c23b60c925d2c02c3244c5 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 64546 x-cache HIT, HIT fastly-io-info ifsz=8739503 idim=5635x3382 ifmt=jpeg ofsz=11134 odim=460x276 ofmt=webp status 200 fastly-stats io=1 content-length 11134 x-served-by cache-lcy19222-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.237408,VS0,VE0 etag "iu1gtkjHaxAsXx4ZIu/D4zcz5BHXACSPh019lgdKDGk" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 151
GET H2	200	webfonts-hinting-off-kerning-on.css assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/	11 KB 1 KB	6ms 5ms	Stylesheet text/css	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e9438b8011ea1839ed71261b06f80de34b9adfa74b490c1fc216670911c3238b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id 8sV8oBKSPKe3ny5vcAIjKzcRryZ_Bh.H content-encoding gzip age 65962294 x-gu-debug-url /PROD/frontend-static/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 705 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 R6SQkajoChsL+OH11QMjVn/to0Q4FzfdfA8h/8THfUz1A9l96ZPeMlZ6lTUtMXMR1+40RZPRnOk= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Thu, 04 Jan 2018 18:49:52 GMT server AmazonS3 x-timer S1581084282.236787,VS0,VE0 etag "50441b3bda46af4af85a3f0a1b61f8bb" vary Accept-Encoding x-amz-request-id E23B670957132AE5 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type text/css x-cache-hits 2
GET H2	200	3472.jpg i.guim.co.uk/img/media/91913c6666c4a8599ae174e9a125d5d8cb4ae9ca/17_237_3472_2083/master/	6 KB 6 KB	6ms 5ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/91913c6666c4a8599ae174e9a125d5d8cb4ae9ca/17_237_3472_2083/master/3472.jpg?width=220&quality=85&auto=format&fit=max&s=04c2fc6ece628b7b4a03feea67607d85 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 51211e3ff922ad0b3ae33752166f398bcfc0a4cfc394572080c0ff427378d4d8 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 24523 x-cache HIT, HIT fastly-io-info ifsz=2398519 idim=3472x2083 ifmt=jpeg ofsz=5938 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 5938 x-served-by cache-lcy19230-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.259351,VS0,VE0 etag "+5OMDvaucFG/GsftMVEHSAKYst0QcjndF5qjiSe4sIM" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 128
GET H2	200	1996.jpg i.guim.co.uk/img/media/ed35d03c67b3c5919b2734d777c1138baa48c768/0_67_1996_1197/master/	2 KB 2 KB	7ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/ed35d03c67b3c5919b2734d777c1138baa48c768/0_67_1996_1197/master/1996.jpg?width=300&quality=85&auto=format&fit=max&s=1ac0f87257f55a494f17a71d192cd6dc Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 9779999abc1619ed5f032502c7c8989bc6719d7207b8fcd6deac67e311d0c827 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 6398 x-cache HIT, HIT fastly-io-info ifsz=479050 idim=1996x1197 ifmt=jpeg ofsz=1884 odim=300x180 ofmt=webp status 200 fastly-stats io=1 content-length 1884 x-served-by cache-lcy19230-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.259955,VS0,VE0 etag "/UCrtLJ6/jA0S3q9N6vGXh7W/FnYTQ65OGZwNlAj8DM" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 5, 6
GET H2	200	2956.jpg i.guim.co.uk/img/media/641c1532389e74364780dc06d05a401e7210f9db/1_0_2956_1774/master/	27 KB 27 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/641c1532389e74364780dc06d05a401e7210f9db/1_0_2956_1774/master/2956.jpg?width=460&quality=85&auto=format&fit=max&s=6d3a773147416ee2853dbded32b505bb Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ad3c79b82f358df461515a259722d3f896be670e2e6aa97f7f277f02aee31caf Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 79547 x-cache HIT, HIT fastly-io-info ifsz=3597995 idim=2956x1774 ifmt=jpeg ofsz=27702 odim=460x276 ofmt=webp status 200 fastly-stats io=1 content-length 27702 x-served-by cache-lcy19247-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.259940,VS0,VE0 etag "sLu57hnP+axu8uNzAxXRyDaZZcjwkBhL/pDlfrD59h4" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 83
GET H2	200	2844.jpg i.guim.co.uk/img/media/d1a90f0d6b2a794e1eea98dc37a64445fb4929f0/32_341_2844_1706/master/	6 KB 6 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/d1a90f0d6b2a794e1eea98dc37a64445fb4929f0/32_341_2844_1706/master/2844.jpg?width=220&quality=85&auto=format&fit=max&s=16f565fb1dd5d420b824c5d508b84bf3 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8a01df152454c31ce5180b8c9e4a9424220abb6c32683b0684ab0be309e3c020 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 32669 x-cache HIT, HIT fastly-io-info ifsz=1266040 idim=2844x1706 ifmt=jpeg ofsz=6304 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 6304 x-served-by cache-lcy19230-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.259936,VS0,VE0 etag "TUf3N2UuEXu3rTWdh+bYWR47szSIhETycnLekNHUjV4" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 87
GET H2	200	2732.jpg i.guim.co.uk/img/media/657ae9e1e67e35d277b16f0a8fff61c48d516b91/0_181_2732_1640/master/	6 KB 7 KB	9ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/657ae9e1e67e35d277b16f0a8fff61c48d516b91/0_181_2732_1640/master/2732.jpg?width=220&quality=85&auto=format&fit=max&s=3d353cdea8b06d10ef285e69389d9bc0 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4020acdb2ccbd6f1c13c78a333c35fa275c809d5efeb712b4c9eb33e66e88fbd Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 217984 x-cache HIT, HIT fastly-io-info ifsz=3023962 idim=2732x1640 ifmt=jpeg ofsz=6618 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 6618 x-served-by cache-lcy19236-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.260056,VS0,VE0 etag "Eep47C737VZxgVVp1n1i7YKfyJdacIxvgG0EMNSrZ/o" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 45
GET H2	200	7055.jpg i.guim.co.uk/img/media/71351f6e803846c42146a435cf09fd6dd3b82f86/0_235_7055_4234/master/	6 KB 6 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/71351f6e803846c42146a435cf09fd6dd3b82f86/0_235_7055_4234/master/7055.jpg?width=220&quality=85&auto=format&fit=max&s=cce8e90ec58bbcfd5239b89936bcfcfa Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7fa6dfa8f69bcca50875d568ea3682efbd0b6dfc8cd1bc33257a32efaba49e01 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 10026 x-cache HIT, HIT fastly-io-info ifsz=11851859 idim=7055x4234 ifmt=jpeg ofsz=5934 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 5934 x-served-by cache-lcy19241-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.260046,VS0,VE0 etag "c4fX+ffsQetAgNqmYva+D0ZsPEISrUIr1N12oUEJmZc" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 20, 60
GET H2	200	5783.jpg i.guim.co.uk/img/media/6f601c450af21093f1f57633033013e8c2e4392f/0_389_5783_3471/master/	2 KB 2 KB	23ms 22ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/6f601c450af21093f1f57633033013e8c2e4392f/0_389_5783_3471/master/5783.jpg?width=140&quality=85&auto=format&fit=max&s=e53a1e49f6bf8715b08e6686aed35eef Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e7f5559d4a8ddba4cd765c3d391eef875f68f80850ad74cefb6b2dc5e7de545a Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 2256 x-cache HIT, HIT fastly-io-info ifsz=6094822 idim=5783x3471 ifmt=jpeg ofsz=1686 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 1686 x-served-by cache-lcy19241-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.266747,VS0,VE0 etag "2nXaCfdU1L4Y9l5o18iodtMtf4zQAPUG296YDydG5Io" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 4, 21
GET H2	200	1728.jpg i.guim.co.uk/img/media/0ebd171209b65e3010cd19d0ca1802c094bc60c5/0_0_1728_1037/master/	2 KB 2 KB	22ms 22ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/0ebd171209b65e3010cd19d0ca1802c094bc60c5/0_0_1728_1037/master/1728.jpg?width=140&quality=85&auto=format&fit=max&s=92af4d0f89d5bba484d672097eba1314 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 10039d391e082387da46f0b58c53c7f1032779c6e35f6073c85f91f346702200 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 5905 x-cache HIT, HIT fastly-io-info ifsz=727760 idim=1728x1037 ifmt=jpeg ofsz=1844 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 1844 x-served-by cache-lcy19239-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.266952,VS0,VE0 etag "Tf0Rdc+h8GxKcGwoLNCIWXgrsMtwlBeP0C0PTeV5iK4" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 5, 31
GET H2	200	5760.jpg i.guim.co.uk/img/media/d6a1891b84a92bd5cc014bed2e559c25878be458/0_192_5760_3456/master/	3 KB 3 KB	22ms 22ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/d6a1891b84a92bd5cc014bed2e559c25878be458/0_192_5760_3456/master/5760.jpg?width=140&quality=85&auto=format&fit=max&s=09e4657430c32f9c52cbe49888c6d6ba Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7a9cb1a001c1d8b42558c47009d31f3e23dac5bcd74d4722ba29ed8be0d89575 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 75418 x-cache HIT, HIT fastly-io-info ifsz=4803593 idim=5760x3456 ifmt=jpeg ofsz=3008 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 3008 x-served-by cache-lcy19234-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.266945,VS0,VE0 etag "sWglM1DEBBG/Jb/JHSJEMDxaAShgGAtv4Yd6ArSGyOo" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 37
GET H2	200	7583.jpg i.guim.co.uk/img/media/20572cc7925ffa76cb9380ff166a87701b4c13d1/375_0_7583_4552/master/	1006 B 1 KB	22ms 22ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/20572cc7925ffa76cb9380ff166a87701b4c13d1/375_0_7583_4552/master/7583.jpg?width=140&quality=85&auto=format&fit=max&s=0f2c192a96f957a7fe5b94876a63a989 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 038e2aca653b4f4ae77d7401e6e3969479d532826db4f00979e40ba4b4890d59 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 29070 x-cache HIT, HIT fastly-io-info ifsz=4082768 idim=7583x4552 ifmt=jpeg ofsz=1006 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 1006 x-served-by cache-lcy19244-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.268271,VS0,VE0 etag "n7/5K5dTsFysCIXxSfqwXgD32K3UGc8BLm0WzlpKm2Q" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 140
GET H2	200	4000.jpg i.guim.co.uk/img/media/7670e87039c6f391fcb9e51db6b3015fab700c5f/0_22_4000_2400/master/	16 KB 16 KB	22ms 22ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/7670e87039c6f391fcb9e51db6b3015fab700c5f/0_22_4000_2400/master/4000.jpg?width=368&quality=85&auto=format&fit=max&s=e8670322dee64d5d921a5f8dd5a32bdf Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ad1e57363dc09730a75f1a4dfd4ca21b74d5bf749013b46f1c079ba0bc792226 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 84421 x-cache HIT, HIT fastly-io-info ifsz=3992963 idim=4000x2400 ifmt=jpeg ofsz=16394 odim=368x221 ofmt=webp status 200 fastly-stats io=1 content-length 16394 x-served-by cache-lcy19242-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.268230,VS0,VE0 etag "oQY6lgmsCGZWBzn0Hg6JeU7+t1i09TtGbNzBlwqCu/0" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 166
GET H2	200	english.svg uploads.guim.co.uk/2020/01/31/	8 KB 8 KB	13ms 11ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/english.svg Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7f4c9760a8c4244b0435d5ac61494c6c300b4547b80bd052c2cc843282901317 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 2423 x-cache HIT status 200 content-length 8197 x-amz-id-2 55DrHMdyazKXNxPNBYvf+rfx2UrIfwRDEDp+M7KV3NigRBq6qHwRTv63xME7naNwxfERtzOjcbY= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:16 GMT server AmazonS3 x-timer S1581084282.263997,VS0,VE0 etag "ce1d8012724d444b017616a3ec024faf" strict-transport-security max-age=86400 x-amz-request-id 7AFC194813986EAB accept-ranges bytes content-type image/svg+xml x-cache-hits 23
GET H2	200	hopeispower2.svg uploads.guim.co.uk/2020/01/31/	281 KB 281 KB	7ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/hopeispower2.svg Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a0176cc87300c9873f6fb0f37d5a9189a8235e13ec972b74319a7a6f2844003a Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 2090 x-cache HIT status 200 content-length 287656 x-amz-id-2 CZNeIJOWAm0AydQr4hkvUG3qWljJ0ruwJ6A5eegdTxivm/O8lV/m9096PQ70D4So7rZF0WBxTZs= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 12:08:43 GMT server AmazonS3 x-timer S1581084282.263926,VS0,VE0 etag "de8619b4bd1d5c667f60f79a4f2a4cd9" strict-transport-security max-age=86400 x-amz-request-id BE52C1BCD3EABD67 accept-ranges bytes content-type image/svg+xml x-cache-hits 3
GET H2	200	empty.db892fb1.gif interactive.guim.co.uk/thrashers/secure-drop/hashed/	1 KB 2 KB	13ms 11ms	Image image/gif	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://interactive.guim.co.uk/thrashers/secure-drop/hashed/empty.db892fb1.gif Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5b47d579a6554e9b2dbdbfa2576c737e990e9023133e5fda03315f13f3616384 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 1686971 x-cache HIT status 200 content-length 1097 x-amz-id-2 7C3YHzJTG0wiFzXWNlZzcHjsZ/g1BZF6hhbc2LJ0uV0ro/Y3WJmVBpvrRyd9juptJsmK8DTDi28= x-served-by cache-fra19162-FRA last-modified Mon, 20 Mar 2017 13:56:34 GMT server AmazonS3 x-timer S1581084282.263984,VS0,VE0 etag "f9a65682f487350d700290bcf2e53d63" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id BD344201031E43CF access-control-allow-origin * access-control-expose-headers Date cache-control max-age=2678400 accept-ranges bytes content-type image/gif access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 10700
GET H2	200	GuardianTextEgyptianWeb-Regular.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/original/GuardianTextEgyptianWeb/	26 KB 26 KB	29ms 6ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/original/GuardianTextEgyptianWeb/GuardianTextEgyptianWeb-Regular.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a882d6b165b45553266b3088ee7d75178604b275a029e66429959686cdb4aaeb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 639578 x-cache HIT status 200 content-length 26560 x-amz-id-2 ULs6Myk3kZU3rmG/DwZ8E+vJgG4uGZq+jCNbMT7A9LVO2UUDq96iQ8ZfyEcxWOjcil6N8O/WpKs= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:12 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286332,VS0,VE0 etag "79685bcdf2207786800044ddb4dc19d5" strict-transport-security max-age=31536000 x-amz-request-id 1B3CC5150FC5A48B access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 3
GET H2	200	GuardianEgyptianWeb-Semibold.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/ascii/GuardianEgyptianWeb/	8 KB 9 KB	28ms 6ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/ascii/GuardianEgyptianWeb/GuardianEgyptianWeb-Semibold.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3482e2ea2efc67b8658f629ca671938bf0fc8374a6fcc1749d28b516cf1468f3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 6437256 x-cache HIT status 200 content-length 8296 x-amz-id-2 mGgK4YR0isDukXCoVI8mgixH0riWyThuzA8m9ZqAWKDLMOkrO+p2jyTFQnpaVti5qS7YtShx5Gc= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:02 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286328,VS0,VE0 etag "71f8f7eab4763cd0b952ff6b14790fd4" strict-transport-security max-age=31536000 x-amz-request-id ACA5054B04F90B82 access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 5
GET H2	200	GuardianTextSansWeb-Regular.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/original/GuardianTextSansWeb/	27 KB 27 KB	35ms 13ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/original/GuardianTextSansWeb/GuardianTextSansWeb-Regular.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5cd7e8ca016a6fc50ae7a83563dee00a749557a64e476f0abea1f6c6789113c3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 7823709 x-cache HIT status 200 content-length 27284 x-amz-id-2 3ujTmPDRX99KIv95oy8ByuFXf8hI4G2ktboq5R3mu3Kg8CM9lPculkDvjkAkGqmt5ZZUSGHMsfk= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:13 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286540,VS0,VE0 etag "0ed7471288ede9d5f8496fbb730a687f" strict-transport-security max-age=31536000 x-amz-request-id D34057D62533A622 access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 4
GET H2	200	GuardianTextSansWeb-Medium.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/original/GuardianTextSansWeb/	27 KB 27 KB	35ms 12ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/original/GuardianTextSansWeb/GuardianTextSansWeb-Medium.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 9bbf62a7eddf91b6726924484ea367341030d3b22e2d9f7c87a296418c4d462b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 7820065 x-cache HIT status 200 content-length 27156 x-amz-id-2 TfaC4bfdwVkVoDw3u+UaWC4xXxg7WdNvjcXGJbmWgamwNGaUJi8OUo5367i7ypI0NzPV0qkEcW0= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:13 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286538,VS0,VE0 etag "4ccb5d2b70faf228a7c72b979f2f8242" strict-transport-security max-age=31536000 x-amz-request-id 47887D9AD6BC6ADD access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 3
GET H2	200	GuardianEgyptianWeb-Light.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/latin1/GuardianEgyptianWeb/	14 KB 14 KB	42ms 21ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/latin1/GuardianEgyptianWeb/GuardianEgyptianWeb-Light.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2d1ea2f64bdba35738dcaf5c943affc0305d5cbfa20995195a40662a2aa734c3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 31739623 x-cache HIT status 200 content-length 14624 x-amz-id-2 6XeWC44PaliBe5mSAB59a9SZShRa5GbmnDSd80TMMyFPXiZaapgtIAN3sJgy4tefa9LrOyKM788= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:05 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286500,VS0,VE1 etag "0933fa5c5bb6dfcda125d63f1221e2a6" strict-transport-security max-age=31536000 x-amz-request-id AEBF61F8427BA3D4 access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 1
GET H2	200	GuardianTextEgyptianWeb-Medium.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/latin1/GuardianTextEgyptianWeb/	14 KB 15 KB	33ms 13ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/latin1/GuardianTextEgyptianWeb/GuardianTextEgyptianWeb-Medium.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 948982f11e088bb8d9dd6f4a5128b0e38f174e6e0251c38e9b0366f0ac60b079 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 9717373 x-cache HIT status 200 content-length 14420 x-amz-id-2 za0J/ZT9uzZyhzzFyFhH34DfUP0nOkRVF0P0RiUAVXGgimqCCrWs2BatTDjnR99aSNLJCArOqyU= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:07 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286485,VS0,VE0 etag "266d67cdb9e18df395a64a3d2d4c4b88" strict-transport-security max-age=31536000 x-amz-request-id 0EF6C3020A423747 access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 5
GET H2	200	GuardianEgyptianWeb-Regular.woff2 pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/latin1/GuardianEgyptianWeb/	14 KB 14 KB	32ms 13ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pasteup.guim.co.uk/fonts/1.0.0/hinting-off/kerning-on/latin1/GuardianEgyptianWeb/GuardianEgyptianWeb-Regular.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5ae434ca3a2b498f289455ace4bc050df7f88000d5fc1015b766d127701e1ddd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://assets.guim.co.uk/stylesheets/50441b3bda46af4af85a3f0a1b61f8bb/webfonts-hinting-off-kerning-on.css Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 14133588 x-cache HIT status 200 content-length 14008 x-amz-id-2 cuMiCGt+F4ACsot8ULTr29yYZmVoJyhW0mOt3hv5zYdo7Qac8ugmfP6qBtsWJxMyNeBGQMAhVhc= x-served-by cache-fra19172-FRA last-modified Thu, 22 Jan 2015 13:42:05 GMT server AmazonS3 x-fonts-legal-notice The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties. x-timer S1581084282.286462,VS0,VE0 etag "6b6ae1c0f1bcf2d719930586accf10eb" strict-transport-security max-age=31536000 x-amz-request-id DD13FCD223198EEF access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-type application/octet-stream x-cache-hits 4
GET H2	200	2000.png i.guim.co.uk/img/media/26bb29790c63ac3374470d116e54a036581bbeda/0_0_2000_1200/master/	3 KB 3 KB	6ms 5ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/26bb29790c63ac3374470d116e54a036581bbeda/0_0_2000_1200/master/2000.png?width=220&quality=85&auto=format&fit=max&s=e5495fb29b2108c63b19566e49eff861 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f9ce90f93dd87f9b8b5db5c87ed688ed5a5f9f15a34faccbe93345f3dc735f84 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 5474003 x-cache HIT, HIT fastly-io-info ifsz=35282 idim=2000x1200 ifmt=png ofsz=3250 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 3250 x-served-by cache-lcy19246-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.301250,VS0,VE0 etag "f0Dlu+8fWmFmt8Tl2KEf30W4rc/lprcEFWT4Hx7j84o" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 312
GET H2	200	5161.jpg i.guim.co.uk/img/media/5de9e04d06d47c1e7037653b54c62e987b5b0825/0_108_5161_3097/master/	4 KB 4 KB	8ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/5de9e04d06d47c1e7037653b54c62e987b5b0825/0_108_5161_3097/master/5161.jpg?width=220&quality=85&auto=format&fit=max&s=6fc8a702e27bf498e3e4dc906008d2d9 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash bc2405cf224da53297a1a04a59a3d096e29e2a58297aa5d53a4039d1b00240e3 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 6755 x-cache HIT, HIT fastly-io-info ifsz=3250888 idim=5161x3097 ifmt=jpeg ofsz=3856 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 3856 x-served-by cache-lcy19236-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.302121,VS0,VE0 etag "EM7/pxY5q9tCNP1ZDg8DgXNqLY5I6S/J//GPqAnNwmI" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 34
GET H2	200	2400.jpg i.guim.co.uk/img/media/5543f78e601a59ced401de88196d13113fbe04b1/80_0_2400_1440/master/	7 KB 8 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/5543f78e601a59ced401de88196d13113fbe04b1/80_0_2400_1440/master/2400.jpg?width=220&quality=85&auto=format&fit=max&s=83c57f89aba6624cf41751e6e65806aa Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 28876084d76873b4d2ee6d67c644e1048f959114d44534c39b73cc0efd1ccc95 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 56483 x-cache HIT, HIT fastly-io-info ifsz=787249 idim=2400x1440 ifmt=jpeg ofsz=7524 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 7524 x-served-by cache-lcy19234-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.302105,VS0,VE0 etag "tkYx3IOmwaE/kgP9puhXwshOmhx/llww3tkCNyETPOg" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 76
GET H2	200	6000.jpg i.guim.co.uk/img/media/dada84c16c35b357d8a3cdf24574debbdc385f28/0_0_6000_3600/master/	3 KB 3 KB	7ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/dada84c16c35b357d8a3cdf24574debbdc385f28/0_0_6000_3600/master/6000.jpg?width=140&quality=85&auto=format&fit=max&s=4300e1f7b554e9df8ffa54bbbe3dcb70 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ab271d9c6c988a57ff27cf096c42f88ed04fefee85ab2a1eee3429d44bd0b271 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 174843 x-cache HIT, HIT fastly-io-info ifsz=8884030 idim=6000x3600 ifmt=jpeg ofsz=3258 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 3258 x-served-by cache-lcy19237-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.302096,VS0,VE0 etag "lk0aXW5NzlGKec0TpFfTSyMgPAfsYcGXtd7+PLPejNE" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 81
GET H2	200	4373.jpg i.guim.co.uk/img/media/ac5517fa8de18537ef883c5ad2d5acb2c9d80106/0_509_4373_2625/master/	3 KB 3 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/ac5517fa8de18537ef883c5ad2d5acb2c9d80106/0_509_4373_2625/master/4373.jpg?width=140&quality=85&auto=format&fit=max&s=f96d3d44c4a65b901045fcf56ac1dada Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 48029ebf62ac8c74208538650fd3d45727e80b8971ceaf8ecf2271c2c310aa0d Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 9511 x-cache HIT, HIT fastly-io-info ifsz=2299892 idim=4373x2625 ifmt=jpeg ofsz=2686 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 2686 x-served-by cache-lcy19245-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.302086,VS0,VE0 etag "PQfCGhLrRQ/52dKY/vYrc2qXZboEyjHzkiHJWuUmzxM" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 17
GET H2	200	6240.jpg i.guim.co.uk/img/media/1527ca83b313aab8a4d2059e259329815e5c0df9/0_416_6240_3744/master/	3 KB 3 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/1527ca83b313aab8a4d2059e259329815e5c0df9/0_416_6240_3744/master/6240.jpg?width=140&quality=85&auto=format&fit=max&s=6bfb10801cb10e636f61f987f2360826 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 63af3d9e272c0a07b48e548e8a24c54bc10941f92f1a2e93cfefefd7a4408d10 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 5931 x-cache HIT, HIT fastly-io-info ifsz=5045893 idim=6240x3744 ifmt=jpeg ofsz=3074 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 3074 x-served-by cache-lcy19222-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.302092,VS0,VE0 etag "TC/UV5WIIX999ly19DSdoPfI3fNHj0IhIsASYucyL1U" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 3, 34
GET H2	200	John-Crace,-L.png i.guim.co.uk/img/uploads/2017/10/06/	7 KB 8 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/uploads/2017/10/06/John-Crace,-L.png?width=115&quality=85&auto=format&fit=max&s=03e0298ac4bdb63900b9ba9ed0e610da Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 349717fa9e1e8e8c989d68dfbdebb73ab103aea12c06cd533ff99d62cde49cd1 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 9196446 x-cache HIT, HIT fastly-io-info ifsz=388751 idim=720x600 ifmt=png ofsz=7624 odim=115x96 ofmt=webp status 200 fastly-stats io=1 content-length 7624 x-served-by cache-lcy19232-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.307415,VS0,VE0 etag "wDGvfKUa6qfwdGir4oqb//+S9P3yg/Zl0lumIJygqbs" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 78, 35
GET H2	200	4030.jpg i.guim.co.uk/img/media/ef98423632aa82fd79d4bca5e49aa98b38e46137/3_612_4030_2419/master/	18 KB 18 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/ef98423632aa82fd79d4bca5e49aa98b38e46137/3_612_4030_2419/master/4030.jpg?width=460&quality=85&auto=format&fit=max&s=8486bbabcfa2113189f57c9329a95d7e Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ac9ceafcd7901f9d589d9f77319f0fe0693230a07a19ecdd50e5180d95958e7d Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 9020 x-cache HIT, HIT fastly-io-info ifsz=3391519 idim=4030x2419 ifmt=jpeg ofsz=18050 odim=460x276 ofmt=webp status 200 fastly-stats io=1 content-length 18050 x-served-by cache-lcy19221-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.309723,VS0,VE0 etag "3UQKm6VW38TztNMEk2smC5YSjN7g1wgnRdsduNGx68c" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 55
GET H2	200	4681.jpg i.guim.co.uk/img/media/a103e8f77bfb1947414e05d7cc0ad8e676971dd8/22_0_4681_2809/master/	5 KB 5 KB	7ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/a103e8f77bfb1947414e05d7cc0ad8e676971dd8/22_0_4681_2809/master/4681.jpg?width=220&quality=85&auto=format&fit=max&s=9c9c7851dcaf9cac9187196c9d6fc79d Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 040c298931a0ca89ff63c7a2fd7df28925990ee4feb56da702e22bedbf957dfb Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 2664 x-cache HIT, HIT fastly-io-info ifsz=5461387 idim=4681x2809 ifmt=jpeg ofsz=5344 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 5344 x-served-by cache-lcy19242-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.309875,VS0,VE0 etag "1JoHqVsS5UvlKmyYppxut82+LPUsO1VsxDS3hMsh1RY" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 21
GET H2	200	3500.jpg i.guim.co.uk/img/media/a5508a2d52cf96278c33e59beb7daeb6523d850e/0_89_3500_2101/master/	8 KB 8 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/a5508a2d52cf96278c33e59beb7daeb6523d850e/0_89_3500_2101/master/3500.jpg?width=220&quality=85&auto=format&fit=max&s=20f2919b0d65368b655d0212fd72b423 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1ad2034a5a50aed532114f3900ef3abc8b5f622b7cbffce984512ac0c9bfc983 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 53742 x-cache HIT, HIT fastly-io-info ifsz=2491264 idim=3500x2101 ifmt=jpeg ofsz=8426 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 8426 x-served-by cache-lcy19230-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.309850,VS0,VE0 etag "0wKZGYzhdP6XOiiJdjSOQdMABQ+fR/0W0cy114RfwlM" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 5, 145
GET H2	200	4639.jpg i.guim.co.uk/img/media/56dbc762cdf587a9359f610ef25c61a0c80ed07b/101_0_4639_2784/master/	3 KB 3 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/56dbc762cdf587a9359f610ef25c61a0c80ed07b/101_0_4639_2784/master/4639.jpg?width=220&quality=85&auto=format&fit=max&s=61be253a0187dd1e3065aa724eef3e22 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 803d26a064562a87f6c06839583b29b6e98a1f44dd447601367120a2566e8da9 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 58424 x-cache HIT, HIT fastly-io-info ifsz=2719778 idim=4639x2784 ifmt=jpeg ofsz=3042 odim=220x132 ofmt=webp status 200 fastly-stats io=1 content-length 3042 x-served-by cache-lcy19235-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.309830,VS0,VE0 etag "OrV6DlyxqSwgJ39Jlp3SgWg7ceW7xQnJa/jBOR50Tng" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 3, 86
GET H2	200	6208.jpg i.guim.co.uk/img/media/dc2b60ef66d06ac7adcebde863fc9e9c5dcc8c23/0_0_6208_3726/master/	2 KB 2 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/dc2b60ef66d06ac7adcebde863fc9e9c5dcc8c23/0_0_6208_3726/master/6208.jpg?width=140&quality=85&auto=format&fit=max&s=d41eee827f741f4cdc08f1900c54d41d Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3add5269dde0969a8f0f22fcfd83cb54839cb3655d2ae3e0389e6cbef65daca2 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 70503 x-cache HIT, HIT fastly-io-info ifsz=5067958 idim=6208x3726 ifmt=jpeg ofsz=2310 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 2310 x-served-by cache-lcy19232-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.309821,VS0,VE0 etag "6B/B7LuIS7g7piGCgcD65gKffo5LDnUyKpjW4G1EWQM" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 36
GET H2	200	943.jpg i.guim.co.uk/img/media/a8196339f09017ef66a9395c3eab07202436dca6/51_155_943_566/master/	2 KB 2 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/a8196339f09017ef66a9395c3eab07202436dca6/51_155_943_566/master/943.jpg?width=140&quality=85&auto=format&fit=max&s=1cc511d72ae6dadf3ff63a2084d3e999 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash afa4ef8ccf93c0ad9dc82654e7b871112f688e86f3ab3b419a0759d56be268ec Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 7513 x-cache HIT, HIT fastly-io-info ifsz=56231 idim=943x566 ifmt=jpeg ofsz=1540 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 1540 x-served-by cache-lcy19225-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.313429,VS0,VE0 etag "gHE5Hs26CiijuPBg+q75YwYYKHX6gHPICQFD7N90vJM" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 44
GET H2	200	4343.jpg i.guim.co.uk/img/media/2088146788d8220173493ea669c1c2cf879f2feb/0_307_4343_2605/master/	3 KB 4 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/2088146788d8220173493ea669c1c2cf879f2feb/0_307_4343_2605/master/4343.jpg?width=140&quality=85&auto=format&fit=max&s=af5174f0b02d114b08a366ec85551d67 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8c59b8972e822d22033872b3db3543d7c732052853e4078a438e84c0788f119c Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 1935 x-cache HIT, HIT fastly-io-info ifsz=4743561 idim=4343x2605 ifmt=jpeg ofsz=3464 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 3464 x-served-by cache-lcy19239-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.316480,VS0,VE0 etag "fTlYJXyBT8nytXdtvgigqXk+werNaNqw6aecnc7L/ts" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 3, 11
GET H2	200	3000.jpg i.guim.co.uk/img/media/3e717d1d17d6bc8ce347f921eadc36ad2f518f6e/0_50_3000_1800/master/	4 KB 4 KB	6ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/3e717d1d17d6bc8ce347f921eadc36ad2f518f6e/0_50_3000_1800/master/3000.jpg?width=140&quality=85&auto=format&fit=max&s=336a113dbcd6f74147f287674a3061fd Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 996898dc7d50eb57c8770c1c714d67b7567e85d4bc36fa46991b501095870bee Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 33491 x-cache HIT, HIT fastly-io-info ifsz=1879123 idim=3000x1800 ifmt=jpeg ofsz=3966 odim=140x84 ofmt=webp status 200 fastly-stats io=1 content-length 3966 x-served-by cache-lcy19231-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084282.316471,VS0,VE0 etag "H0K2kTTH3AX9pqQPgdX0DBmo5MgMuzjsuQ/fjKH4gCU" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 3, 72
GET H/1.1	204 No Content	1 ophan.theguardian.com/img/	0 582 B	81ms 42ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/1?v=15&platform=next-gen&url=http%3A%2F%2Fgzdfjspx.com%2F&ref=&visibilityState=visible&isModernBrowser=true&tz=-60&contentType=network%20front&viewId=k6c8rbyvd8fz86y2ficr Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	80ms 41ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&inPrivateBrowsingMode=false Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	app.js Show response interactive.guim.co.uk/atoms/thrashers/2020/01/brexit-day-thrasher/default/v/1580738857028/	962 B 959 B	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/atoms/thrashers/2020/01/brexit-day-thrasher/default/v/1580738857028/app.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a91109a40a4349b6979413b9cc41108e1b539e8362c698fe25fd83092527a55b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 345393 x-cache HIT status 200 strict-transport-security max-age=31536000 content-length 464 x-amz-id-2 GmkEPuQqvntHLVHeOnroXa3Y+2yl1Kv+zTlDSfLrgK8gQb9Rc2rIEloLHISfvhpmxEurOrH0L8k= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Mon, 03 Feb 2020 14:07:39 GMT server AmazonS3 x-timer S1581084282.397403,VS0,VE0 etag "80899b35d916342073132afec4db2029" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id 376D88CF74EBC899 via 1.1 varnish access-control-expose-headers Date cache-control max-age=31536000 accept-ranges bytes content-type application/javascript access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 2391
GET H2	200	main.fe7e9b01.js Show response interactive.guim.co.uk/thrashers/secure-drop/hashed/	2 KB 1 KB	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/thrashers/secure-drop/hashed/main.fe7e9b01.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash bd6777ec45addc2ca9cf4675e5ae603a70755e643eb709034bfbf0911fd0f9d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 1160576 x-cache HIT status 200 strict-transport-security max-age=31536000 content-length 891 x-amz-id-2 VCx6uhOyBEhv3NstBaZXZCpig2OWPyDoOT8uuWLmTCxI72QEwUV2vhXlBIyweHtCEllCUiDC4lI= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Thu, 20 Sep 2018 10:59:45 GMT server AmazonS3 x-timer S1581084282.468998,VS0,VE0 etag "fe7e9b014f13062fb29015207f213e02" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id 56B1811FE6104A3C via 1.1 varnish access-control-expose-headers Date cache-control max-age=2678400 accept-ranges bytes content-type application/javascript; charset=utf-8 access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 6169
GET H2	200	6ea3bef5-d883-4b3d-aed2-4f4c1dd75975-b87e3953-ca98-4827-bcf9-49a373736258-IFPMA-Logo%20new.png static.theguardian.com/commercial/sponsor/12/Nov/2019/	9 KB 9 KB	118ms 37ms	Image image/png	151.101.113.111 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static.theguardian.com/commercial/sponsor/12/Nov/2019/6ea3bef5-d883-4b3d-aed2-4f4c1dd75975-b87e3953-ca98-4827-bcf9-49a373736258-IFPMA-Logo%20new.png Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 795d2a057b92ae21eb8bb06629f7ccb6d1f69a3f7a067b717eaaee7c8b27d671 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 952 x-cache HIT status 200 content-length 8890 x-amz-id-2 aYKa5pmIUK6ARBbhGbV9ktCk6Zxgdh5TOULlcXSJdtWgR4TBS3T3ufjdFxw8ZJnyYzVpmB0GGM8= x-served-by cache-hhn4065-HHN last-modified Tue, 12 Nov 2019 12:26:55 GMT server AmazonS3 x-timer S1581084283.622721,VS0,VE0 etag "61dd9e62ff58f2b52342fbc695204e7f" x-amz-request-id CB813DB3684F431C accept-ranges bytes content-type image/png x-cache-hits 17
GET H2	200	2000.jpg media.guim.co.uk/2d0d2e94400b10410281712c7ed7497bbcee348d/300_0_4124_1578/	98 KB 98 KB	7ms 6ms	Image image/jpeg	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.guim.co.uk/2d0d2e94400b10410281712c7ed7497bbcee348d/300_0_4124_1578/2000.jpg Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e748c92e1aaa22cd6edde037e1c3dedeea31cc5b88f95cdac27f5469a4021060 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 105649 x-cache HIT, HIT, HIT, HIT status 200 content-length 100392 x-served-by cache-lcy19222-LCY, cache-lcy19222-LCY, cache-fra19162-FRA, cache-fra19162-FRA last-modified Thu, 06 Feb 2020 08:43:48 GMT server AmazonS3 x-timer S1581084283.526605,VS0,VS0,VE0 etag "273f46ed6c8e2a381ffc5d2b58771e88" strict-transport-security max-age=31536000 content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 2, 62, 62
GET H2	200	app.js Show response interactive.guim.co.uk/atoms/thrashers/2020/02/documentary-teranga/default/v/1581081724983/	962 B 937 B	10ms 10ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/atoms/thrashers/2020/02/documentary-teranga/default/v/1581081724983/app.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a91109a40a4349b6979413b9cc41108e1b539e8362c698fe25fd83092527a55b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 2502 x-cache HIT status 200 strict-transport-security max-age=31536000 content-length 464 x-amz-id-2 7COHzIopkMEIWN7bMoJWIJZK+aVxpBmVOShPB3+qkFZkdDvO8aakXhnO0a1G4f92UtM0rAQKd4Y= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 13:22:07 GMT server AmazonS3 x-timer S1581084283.529171,VS0,VE0 etag "80899b35d916342073132afec4db2029" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id 560D7F60C8973F9A via 1.1 varnish access-control-expose-headers Date cache-control max-age=31536000 accept-ranges bytes content-type application/javascript access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 68
GET H2	200	1920.jpg i.guim.co.uk/img/media/34fc86c943d4c77a1128d5862685795e603240a7/0_0_1920_1080/	20 KB 20 KB	8ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/34fc86c943d4c77a1128d5862685795e603240a7/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=8d98c6a76e0576d6250056616f280f20 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 14ab8674de996a06d19d3d1101f7ee17080176f0a83f9d673efc04dc3171817e Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 93755 x-cache HIT, HIT fastly-io-info ifsz=250863 idim=1920x1080 ifmt=jpeg ofsz=20200 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 20200 x-served-by cache-lcy19228-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.553222,VS0,VE0 etag "p6Ujp/dzsjEBnPd7NQRL9RmWBt5YuZNuUt5UUBmW6Ik" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 4, 527
GET H2	200	1920.jpg i.guim.co.uk/img/media/8e025ae18792c2d1e080611754bd1f8f3fac8b1b/0_0_1920_1080/	8 KB 9 KB	7ms 6ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/8e025ae18792c2d1e080611754bd1f8f3fac8b1b/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=60322a6760e44fed567339d5be3090c2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b91ecd0fbf96f15c834479c328cc1d624d8e16b890e437c8b2dd1394cfee1748 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 172141 x-cache HIT, HIT fastly-io-info ifsz=59589 idim=1920x1080 ifmt=jpeg ofsz=8470 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 8470 x-served-by cache-lcy19247-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.553208,VS0,VE0 etag "3Vpu2Bf4qhE3R7iGsnrf6yvTphV5fydcPc1yGH7+G1c" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 728
GET H2	200	1920.jpg i.guim.co.uk/img/media/03ea01c3e0604c47a5c8e324c81e0a5059e407f6/0_0_1920_1080/	25 KB 25 KB	8ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/03ea01c3e0604c47a5c8e324c81e0a5059e407f6/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=e014928a2b659eeb8eff354c1e395e81 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 9386adce9fb2027725976e1370c46f998a70db5f1f49b332a10afca953f6433d Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 690990 x-cache HIT, HIT fastly-io-info ifsz=240121 idim=1920x1080 ifmt=jpeg ofsz=25744 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 25744 x-served-by cache-lcy19250-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.553203,VS0,VE0 etag "9pI41nash/96tWA4FHdqNDfCPLs490VijLimc56N7PQ" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 1849
GET H2	200	1920.jpg i.guim.co.uk/img/media/a5fb098cf29c48d9806a5914e96856b9ee7d569d/0_0_1920_1080/	28 KB 29 KB	8ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/a5fb098cf29c48d9806a5914e96856b9ee7d569d/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=fd6a38c0258602eb155fb177c2e63864 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5a3a417be0c0ec2d84897429bce58e7e0f219a5574d527b2bdb636308cc98faf Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 266957 x-cache HIT, HIT fastly-io-info ifsz=212432 idim=1920x1080 ifmt=jpeg ofsz=29086 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 29086 x-served-by cache-lcy19227-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.553198,VS0,VE0 etag "sysJMkgSQup73/IkbeoeHp0EV4jp5a3CSsCzeE1xYcc" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 1234
GET H2	200	1832.jpg i.guim.co.uk/img/media/55d2ffadca004ed4a027e4058157a78d13f3f3a1/5_46_1832_1030/	24 KB 24 KB	7ms 7ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/55d2ffadca004ed4a027e4058157a78d13f3f3a1/5_46_1832_1030/1832.jpg?width=700&quality=85&auto=format&fit=max&s=d5d155358670aefe327a2e486ada9fe1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c135137010776230e5af9b627624d3c348f2de7d19219f7572e0facf241ce53d Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 353485 x-cache HIT, HIT fastly-io-info ifsz=156977 idim=1832x1030 ifmt=jpeg ofsz=24288 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 24288 x-served-by cache-lcy19244-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.553175,VS0,VE0 etag "gR5CkUlZeB2E+MjDYigE+pLDlDdXudEnAJvDj9ZR320" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 1361
GET H2	200	1920.jpg i.guim.co.uk/img/media/3aa7197d65b3c27bc7cdf01f1055b4c36f7d645e/0_0_1920_1080/	35 KB 35 KB	12ms 12ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/3aa7197d65b3c27bc7cdf01f1055b4c36f7d645e/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=d37a65fd5cb0d7fa762d77cde009ea85 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash fa7bf4b97b734162e6001148ec790c0ffd38259235a330b83811e684683d7e90 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 608679 x-cache HIT, HIT fastly-io-info ifsz=323049 idim=1920x1080 ifmt=jpeg ofsz=35434 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 35434 x-served-by cache-lcy19223-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.553367,VS0,VE0 etag "rdV/bNe9XGyOL0ZBZAs62ENiaoMG/H3RaN9uBcwSl9s" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 2783
GET H2	200	4000.jpg i.guim.co.uk/img/media/170aac0ab50047831c4759839aa04060df41e0d3/0_0_4000_2250/	23 KB 24 KB	9ms 9ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/170aac0ab50047831c4759839aa04060df41e0d3/0_0_4000_2250/4000.jpg?width=700&quality=85&auto=format&fit=max&s=f852acdb7639917fa4bf607884a579c9 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c323402f372b50643e75e55512e0429eb4289efd99633b09aa54454480a8b810 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 642054 x-cache HIT, HIT fastly-io-info ifsz=1386095 idim=4000x2250 ifmt=jpeg ofsz=24046 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 24046 x-served-by cache-lcy19234-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.560558,VS0,VE0 etag "gOnUVoVaSiVd4Utkz7tglD9AKeS0Hy+ZAY2LIWtWZZg" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 4, 1406
GET H2	200	1920.jpg i.guim.co.uk/img/media/ea8f4f38e00a220854178db47a5687304c019ad7/0_0_1920_1080/	20 KB 20 KB	8ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/ea8f4f38e00a220854178db47a5687304c019ad7/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=f58af76c6d02ff04152a40f2859e9ae4 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 82bdad168c3e0484b1218d2e7bce28e99cdcb7c72165fd85389df80f85727276 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 700152 x-cache HIT, HIT fastly-io-info ifsz=281090 idim=1920x1080 ifmt=jpeg ofsz=20552 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 20552 x-served-by cache-lcy19235-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.561520,VS0,VE0 etag "9m3U9po7hTf2+M7yiOICz+mswfoXZAVOlDib5iY1xig" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 1789
GET H2	200	1747.jpg i.guim.co.uk/img/media/551c38a638600c7e906ea845c0fb80dfd18a2f0f/86_0_1747_983/	54 KB 54 KB	8ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/551c38a638600c7e906ea845c0fb80dfd18a2f0f/86_0_1747_983/1747.jpg?width=700&quality=85&auto=format&fit=max&s=70aef9708a924b72d3050dfc78b6a77c Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 03ac96fbe9353b7a2490f97057e3aea00f0df62e73d40856e8029f69a2fbe108 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 755537 x-cache HIT, HIT fastly-io-info ifsz=239866 idim=1747x983 ifmt=jpeg ofsz=54896 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 54896 x-served-by cache-lcy19251-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.562913,VS0,VE0 etag "/zbNj9d4NUyvLDcQv0fQje+ggVNms3QbzdGb3rpLHd0" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 1310
GET H2	200	1920.jpg i.guim.co.uk/img/media/2bb5a3fb83990882bb04d9dbc3343a97c9bc2706/0_0_1920_1080/	22 KB 23 KB	10ms 10ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/2bb5a3fb83990882bb04d9dbc3343a97c9bc2706/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=f2549d0d0f22d58de2b102c39050d650 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 18e0025c344b011c94a5b50bab9abae004888542be77b6634de66f1b0d2651ea Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 1300968 x-cache HIT, HIT fastly-io-info ifsz=278966 idim=1920x1080 ifmt=jpeg ofsz=22858 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 22858 x-served-by cache-lcy19221-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.564344,VS0,VE0 etag "gNfWXT8Z9lz9LHIICFXLLqM1OjjKBr/kiv9EjXiC8j4" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 1710
GET H2	200	2639.jpg i.guim.co.uk/img/media/df322da4e640ce8290f11ba84a605298abe2bd14/668_373_2639_1485/	14 KB 14 KB	9ms 9ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/df322da4e640ce8290f11ba84a605298abe2bd14/668_373_2639_1485/2639.jpg?width=700&quality=85&auto=format&fit=max&s=ce1d953c4435fe198fe1a85b736b816a Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash caf0caf29ae3911496dceb1d30d679ac91a085abc98dfbb31e0a85190ed7a1b3 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 928263 x-cache HIT, HIT fastly-io-info ifsz=275290 idim=2639x1485 ifmt=jpeg ofsz=14510 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 14510 x-served-by cache-lcy19240-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.566194,VS0,VE0 etag "yYnvcaTie2bMBRMqK+AtpesQMnHF+w2F9XCfiVrSrL4" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 1268
GET H2	200	1920.jpg i.guim.co.uk/img/media/2091f9e4e0df40ffc80b6ad02ad4a3801eb5a3cd/0_0_1920_1080/	45 KB 45 KB	8ms 8ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/2091f9e4e0df40ffc80b6ad02ad4a3801eb5a3cd/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=8b07a69a0e1266e35bcb70cd948aa430 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 25761786ffc5b22328cfac64fae3ee753fcacd66193dfc6da33fde218b019354 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 1309894 x-cache HIT, HIT fastly-io-info ifsz=355711 idim=1920x1080 ifmt=jpeg ofsz=46198 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 46198 x-served-by cache-lcy19241-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.567156,VS0,VE0 etag "GGbNoQ/e6yIw29KwBXtaTZTHVVe5bsB9BZDIuEwXYLU" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 2, 1637
GET H2	200	1920.jpg i.guim.co.uk/img/media/a7a5a2808861beb50e9460be2e8d8029d38b3f64/0_0_1920_1080/	43 KB 44 KB	9ms 9ms	Image image/webp	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.guim.co.uk/img/media/a7a5a2808861beb50e9460be2e8d8029d38b3f64/0_0_1920_1080/1920.jpg?width=700&quality=85&auto=format&fit=max&s=f530858edc6e8eb09fe7887a6ef25c12 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 0d50651344a78faa916d962c965a21598b2de052bc961084c48a27801ad6f724 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish, 1.1 varnish age 1465384 x-cache HIT, HIT fastly-io-info ifsz=260977 idim=1920x1080 ifmt=jpeg ofsz=44530 odim=700x394 ofmt=webp status 200 fastly-stats io=1 content-length 44530 x-served-by cache-lcy19234-LCY, cache-fra19162-FRA server AmazonS3 x-timer S1581084283.568322,VS0,VE0 etag "PmqKzlm+aIOajV/cLK8RW6HRIsbdMUO/QfthXl4OHgA" vary Accept, Accept-Encoding content-type image/webp cache-control max-age=31536000 accept-ranges bytes x-cache-hits 1, 1894
GET H2	200	GHGuardianHeadline-Bold.woff2 interactive.guim.co.uk/fonts/garnett/	24 KB 24 KB	7ms 6ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/fonts/garnett/GHGuardianHeadline-Bold.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 427ecd19989b8709723db362e706bfd9484baf38437184255219b11c56601f0e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 150 x-cache HIT status 200 content-length 24732 x-amz-id-2 +SwFjN8gkvkyTB6LpRRB/gjh7M3KDZ9rTDyznZgJowsm0PjYjLkxzAfi4ER0WV7ooKmLAMVd2Ds= x-served-by cache-fra19172-FRA last-modified Wed, 21 Feb 2018 12:19:23 GMT server AmazonS3 x-timer S1581084283.551980,VS0,VE0 etag "318b96e49795a458a42c13af7e477a5a" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id 75B8FA74DD1CF1AB access-control-allow-origin * access-control-expose-headers Date cache-control public,max-age=360 x-amz-meta-creator Cyberduck accept-ranges bytes content-type application/octet-stream access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 3
GET H2	200	GHGuardianHeadline-Light.woff2 interactive.guim.co.uk/fonts/garnett/	23 KB 23 KB	6ms 6ms	Font application/octet-stream	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/fonts/garnett/GHGuardianHeadline-Light.woff2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 00164fb038288b3c8e7400e22e7b2040dea5d7c8f65795618635dd23a2a13e4d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish age 259 x-cache HIT status 200 content-length 23496 x-amz-id-2 OU1rmRR4CBNNAXyuRwNeJl1mBvcCyZlVXlXoHds2yOj0SKNemMv8399nxS7t3lmom7N/EDi7zo8= x-served-by cache-fra19172-FRA last-modified Wed, 21 Feb 2018 12:19:26 GMT server AmazonS3 x-timer S1581084283.551949,VS0,VE0 etag "ae44a5a5dbbcbfa2e4ae6267c793b22b" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id 3851CC906F208257 access-control-allow-origin * access-control-expose-headers Date cache-control public,max-age=360 x-amz-meta-creator Cyberduck accept-ranges bytes content-type application/octet-stream access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 5
GET H/1.1	404 Not Found	today-uk Show response gzdfjspx.com/email/form/footer/ Frame A229	548 B 696 B	287ms 286ms	Document text/html	154.211.88.5 ITACE-AS-AP Itace...
General Check archive.org Show headers Download Go to Full URL http://gzdfjspx.com/email/form/footer/today-uk Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 154.211.88.5 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK), Reverse DNS Software nginx / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers Host gzdfjspx.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate Cookie PHPSESSID=e8usu60k6t4bpla8g3j1hgo81e Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Server nginx Date Fri, 07 Feb 2020 14:04:42 GMT Content-Type text/html Content-Length 548 Connection keep-alive
GET H/1.1	200 OK	pv.gif phar.gu-web.net/count/	35 B 273 B	448ms 32ms	Image image/gif	34.246.5.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://phar.gu-web.net/count/pv.gif Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.5.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-5-20.eu-west-1.compute.amazonaws.com Software / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:43 GMT Content-Encoding gzip Cache-Control private, no-store, no-cache Content-Length 57 Vary Accept-Encoding Connection keep-alive Content-Type image/gif
GET H/1.1	200 OK	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.google-analytics.com/analytics.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Strict-Transport-Security max-age=10886400; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Fri, 24 Jan 2020 01:10:36 GMT Server Golfe2 Age 1331 Date Fri, 07 Feb 2020 13:42:31 GMT Vary Accept-Encoding Content-Type text/javascript Cache-Control public, max-age=7200 Content-Length 17926 Expires Fri, 07 Feb 2020 15:42:31 GMT
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	35ms 35ms	Script application/x-javascript	104.104.177.51 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.104.177.51 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-104-177-51.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Content-Encoding gzip X-Check-Cacheable YES X-Serial 1879 X-Akamai-Pragma-Client-IP 10.17.122.247, 159.122.91.140 Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 X-Akamai-SSL-Client-Sid uLvOZxPyFbcZzMgo9BpSUQ== Expires Sat, 08 Feb 2020 14:04:42 GMT
GET H2	200	graun.vendors~commercial~enhanced.js Show response assets.guim.co.uk/javascripts/30e4f052db69d76ed23d/	61 KB 21 KB	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/30e4f052db69d76ed23d/graun.vendors~commercial~enhanced.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cc1b9a87fcdeb59554729da57d955b52867c43202eb803ffe68acef62e947ce9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id Uwk0JyTztnemFVuciudLW.vDKSYhi_M6 content-encoding gzip age 13288 x-gu-debug-url /PROD/frontend-static/javascripts/30e4f052db69d76ed23d/graun.vendors~commercial~enhanced.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 20665 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 aN2B97qsFkLcRFK0lOP+VJ1+/rBByuExJY729fXxhvkLVBYqu+Zvd/53DL/vlN9F0nfE2oxS7zY= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:13 GMT server AmazonS3 x-timer S1581084283.690008,VS0,VE0 etag "c5d6642962fd8ac0a9c884581da22cf8" vary Accept-Encoding x-amz-request-id CFBB332788669EC0 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 508
GET H2	200	graun.vendors~commercial~facia.js Show response assets.guim.co.uk/javascripts/35cd649fd927bcd44ff1/	8 KB 3 KB	7ms 7ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/35cd649fd927bcd44ff1/graun.vendors~commercial~facia.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6ecb9ff9e3f93fd80c974a322b009ec598fd44b0cc9a87640e7b980fe2eb1c77 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id 9I8BtAJD_vAmmNWwSQmyu4hQpRsLzeR3 content-encoding gzip age 13236 x-gu-debug-url /PROD/frontend-static/javascripts/35cd649fd927bcd44ff1/graun.vendors~commercial~facia.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 3026 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 5W3jR4bHezgE4HqjYBvQQCAaI7RhXuPg1UwN3feU6X0hHqSsCIbo/QxfOieJX9XsrNFiARQI31s= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:14 GMT server AmazonS3 x-timer S1581084283.690183,VS0,VE0 etag "1fca226cbe676b1d2677ecc5342e5e10" vary Accept-Encoding x-amz-request-id 1994BB2E83361BD3 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 512
GET H2	200	graun.commercial~enhanced.js Show response assets.guim.co.uk/javascripts/6e44a1bc13d23e788e5c/	69 KB 22 KB	8ms 8ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/6e44a1bc13d23e788e5c/graun.commercial~enhanced.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a4e4c27c552f55af45e6f256318d29cf424450c0c84c5e45cfc97d453ee1d84d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id lmd8PEYQNeULka_MjcQAOM7AMlI_pMfX content-encoding gzip age 13218 x-gu-debug-url /PROD/frontend-static/javascripts/6e44a1bc13d23e788e5c/graun.commercial~enhanced.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 21775 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 yny353pjpoDpC2oG/T/ERa2oMz+X82xpU2nX+clcreJSkp/2gS1jDigGYH6p0LNF6Z8ap4cbzVE= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:16 GMT server AmazonS3 x-timer S1581084283.690220,VS0,VE0 etag "df09f9ba88ffadc62e5d40b2584e4342" vary Accept-Encoding x-amz-request-id 5C83FB0BDED2B9A3 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 502
GET H2	200	graun.commercial.js Show response assets.guim.co.uk/javascripts/2bd0afab933b152ce5e4/	167 KB 48 KB	12ms 12ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/2bd0afab933b152ce5e4/graun.commercial.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash dc07db35a50f26a0b005456db7bb9071790949938fb711ed7d707f67bdf14885 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id b_MaL.B4mbniDr9uKc.c4IX4ZkAfvhlc content-encoding gzip age 13294 x-gu-debug-url /PROD/frontend-static/javascripts/2bd0afab933b152ce5e4/graun.commercial.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 48845 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 mIvFDlDdPv7bOTT8DaVA9TYtvWsQJTrea/lVgVmruxseSp1OtDkzTxZjC8FuLL+WbMUwIrVp3n4= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:13 GMT server AmazonS3 x-timer S1581084283.690527,VS0,VE0 etag "66b5d7799b210b3c4ab0a06e0f47bb1d" vary Accept-Encoding x-amz-request-id C00DC9D5BBC40C41 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 518
GET H2	200	graun.enhanced.js Show response assets.guim.co.uk/javascripts/641e476ab27798f7cbf7/	110 KB 36 KB	10ms 9ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/641e476ab27798f7cbf7/graun.enhanced.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b2194ef77e9da8c05ae7311c48ff57113c286f0e8d5fa9c950c2c15736d8d2ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id Uk1GRb20Ga6DZOPRkAQd1xf7ZfoPlrAk content-encoding gzip age 13274 x-gu-debug-url /PROD/frontend-static/javascripts/641e476ab27798f7cbf7/graun.enhanced.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 36537 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 8ibujjV+bSdV0bVsdbq8cFZ1w8aXv2+VKLki6GgrbWvQtOEcuCzILGMa7BL2zJYz2L0V9zN2xuI= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:15 GMT server AmazonS3 x-timer S1581084283.690510,VS0,VE0 etag "d319935eebbede0d14b35ab824c7d3c4" vary Accept-Encoding x-amz-request-id 84FB60B5809902C1 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 505
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j80&aip=1&a=440800040&t=pageview&_s=1&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_gid=46876360.1581084283&gjid=685450005&_v=j80&z=106557211 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_v=j80&z=106557211 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_v=j80&z=106557211&slf_rd=1&random=3344430351	42 B 109 B	20ms 20ms	Image image/gif	2a00:1450:4001:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_v=j80&z=106557211&slf_rd=1&random=3344430351 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:42 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 07 Feb 2020 14:04:42 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78705427-1&cid=213692129.1581084283&jid=941176925&_v=j80&z=106557211&slf_rd=1&random=3344430351 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 95 B	7ms 6ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=440800040&t=timing&_s=2&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Javascript%20Load&utv=standardStart&utl=Standard%20start%20parse%20time&utt=2207&_u=YEDAAUAB~&jid=&gjid=&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=1603075329 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Wed, 05 Feb 2020 03:55:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 209346 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 101 B	6ms 6ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=440800040&t=timing&_s=3&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Javascript%20Load&utv=standardEnd&utl=Standard%20end%20parse%20time&utt=2210&_u=YEDAAUAB~&jid=&gjid=&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=385227004 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Wed, 05 Feb 2020 03:55:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 209346 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	epic-tests.json Show response support.theguardian.com/	155 KB 11 KB	123ms 39ms	XHR application/octet-stream	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://support.theguardian.com/epic-tests.json Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 49f2b52efd65d0898fbf4f88c95b122b13c40ead3e99e4ecaec21a743925430f Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-amz-version-id NJ_dsmTKfrwEuofhiBaDjNI28EC_Lf31 content-encoding gzip etag "afd72807d7b1560197805e3582d3603e" age 10219 via 1.1 varnish x-cache HIT status 200 x-amz-meta-surrogate-control max-age=86400 content-length 10786 x-amz-id-2 NpMltr3iXbT1YDYlILI9uGhKCsAb95O7T1dOGcz/ksz0iK8dOxBRROdK0JgCVIDaVU4B20nqwaw= x-served-by cache-fra19130-FRA last-modified Tue, 04 Feb 2020 11:14:24 GMT server AmazonS3 x-timer S1581084283.833231,VS0,VE0 date Fri, 07 Feb 2020 14:04:42 GMT vary Accept-Encoding x-amz-request-id B2277CDA8E5A9C61 access-control-allow-origin * cache-control max-age=30 accept-ranges bytes content-type application/octet-stream x-cache-hits 857
GET H2	200	1IEVVHU5ZObCzyPV-BLQczaSzxe7pawLcH8_lvFD0Csk.json Show response interactive.guim.co.uk/docsdata/	13 KB 2 KB	6ms 6ms	XHR application/json	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/docsdata/1IEVVHU5ZObCzyPV-BLQczaSzxe7pawLcH8_lvFD0Csk.json Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b41ebe8b3a348bc847c5e028463cf20f66f2928d450d41cfd80f2d3fd4404ba0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip vary Accept-Encoding age 15 via 1.1 varnish x-cache HIT status 200 content-length 1710 x-amz-id-2 EZRFCgNGDyr7/BUgeO9YJn/au5TeItzi0uzdAKOB+AlzRCOTv2XkFXYzTAYhnv90CYnE+nivpoc= x-served-by cache-fra19172-FRA last-modified Tue, 28 Jan 2020 12:02:20 GMT server AmazonS3 x-timer S1581084283.732155,VS0,VE0 etag "f4cb8790ef9c6ceb9f9694ff6df7073a" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id DB14559B852F0CF0 access-control-allow-origin * access-control-expose-headers Date cache-control max-age=30 accept-ranges bytes content-type application/json access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 1
GET H2	200	collect www.google-analytics.com/	35 B 96 B	6ms 5ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=440800040&t=timing&_s=4&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Javascript%20Load&utv=enhancedStart&utl=Enhanced%20start%20parse%20time&utt=2253&_u=aEDAAUAB~&jid=&gjid=&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=689612178 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Wed, 05 Feb 2020 03:55:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 209346 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	31ms 31ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&abTestRegister=%7B%22aboldTlsSupportDeprecationControl%22%3A%7B%22variantName%22%3A%22inTest%22%2C%22complete%22%3A%22false%22%7D%7D Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	rest-of-world Show response api.nextgen.guardianapps.co.uk/reader-revenue/subscriptions-banner-deploy-log/	22 B 320 B	119ms 39ms	XHR text/plain	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/reader-revenue/subscriptions-banner-deploy-log/rest-of-world Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 320207a54083cd14a8eecd2ec3cbc9667bfcc48b6831f248e7d12ea23edb15c7 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 344306 x-gu-backend-app applications x-cache HIT, HIT status 200 content-length 48 x-served-by cache-lcy19243-LCY, cache-fra19143-FRA access-control-allow-origin * server nginx x-timer S1581084283.845541,VS0,VE1 x-gu-geolocation country:GB etag W/"hash5513273907681096900" vary Accept-Encoding content-type text/plain; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 1, 1
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	31ms 31ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&component=privacy-prefs&value=pv%20%3A%20null%20%3A%20gu_tk Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	graun.vendors~audio~cmp.js Show response assets.guim.co.uk/javascripts/39e129284fdc4ede1136/	109 KB 35 KB	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/39e129284fdc4ede1136/graun.vendors~audio~cmp.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d388a90d02de1036ea9f39cfdc3d262cf4a72e3e677bcff116e96eda6bdd7c11 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id V.S3tZewDu2dv11vC6G1rOV_QGM0tQfb content-encoding gzip age 616689 x-gu-debug-url /PROD/frontend-static/javascripts/39e129284fdc4ede1136/graun.vendors~audio~cmp.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 35565 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 67tMlT6qHStoVFxLXXr5E4TQWKMbx9p0bDX5/ixyq0ivy8sQz8jYtire+8FiMptcLq0B5xEJ7z0= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 31 Jan 2020 10:44:24 GMT server AmazonS3 x-timer S1581084283.750788,VS0,VE0 etag "15c2bcda7fc04e52d5f8732c523f2dc8" vary Accept-Encoding x-amz-request-id E73C8A055E4AC1D2 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 165
GET H2	200	graun.vendors~cmp.js Show response assets.guim.co.uk/javascripts/406e5a61e614621269fc/	70 KB 21 KB	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/406e5a61e614621269fc/graun.vendors~cmp.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4dfee144ee5492ee1c827c115ad8a804c4d6872fad8a0462b890c3c966f45339 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id drNMo7UWzjyxFpJ2AWxIl3V1AWFWddIO content-encoding gzip age 13253 x-gu-debug-url /PROD/frontend-static/javascripts/406e5a61e614621269fc/graun.vendors~cmp.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 21053 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 Mj3oCxXDqVdThWeV7ihUbI7vK0iwdzGi0Lj97CwWCy+tjjaQLvTzVRxXUrmpQHSgzmQKFyr+eN0= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:15 GMT server AmazonS3 x-timer S1581084283.750801,VS0,VE0 etag "09f02a1bd7835a0cc2d25f1b28f50040" vary Accept-Encoding x-amz-request-id ABB4BF32D2E7C3E4 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 160
GET H2	200	graun.cmp.js Show response assets.guim.co.uk/javascripts/5b769ce8bf7b3aaa9a5b/	820 B 773 B	9ms 9ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/5b769ce8bf7b3aaa9a5b/graun.cmp.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 69a4a04768263dccd24a9214b7fdf205bc7e04cc37ef5bddaaf15eace208a53e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id Q0hBDCM135zfpxOSUB.Vz5rMXfrTG2ZZ content-encoding gzip age 13106 x-gu-debug-url /PROD/frontend-static/javascripts/5b769ce8bf7b3aaa9a5b/graun.cmp.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 509 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 h5TEV+sKGMw4Dh5kjg8SXB8wNBHD8J/E5NMzXuCBoJDD9tD3klV44oK09hzjNwT/od7lWUAgy4Y= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:15 GMT server AmazonS3 x-timer S1581084283.751409,VS0,VE0 etag "fd393e707c0b11f080b7b469afee5dfe" vary Accept-Encoding x-amz-request-id DBC76E45486586A6 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 161
GET H2	200	geolocation Show response api.nextgen.guardianapps.co.uk/	21 B 273 B	116ms 38ms	XHR application/json	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/geolocation Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash 5b0b729425cb14b9abd4a18b24edbd323320e3b535b2b42d455584d7e19c670d Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT via 1.1 varnish x-cache HIT status 200 content-length 21 x-served-by cache-fra19143-FRA server Varnish x-timer S1581084283.845883,VS0,VE0 content-type application/json access-control-allow-origin * cache-control access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type retry-after 0 x-cache-hits 0
GET H2	200	graun.article~facia~trail~youtube.js Show response assets.guim.co.uk/javascripts/b77fe44b5793e11e369a/	18 KB 7 KB	8ms 8ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/b77fe44b5793e11e369a/graun.article~facia~trail~youtube.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash faca07c18d515b4ff6905b05ef57eade98dd671fd245ea199ea51579c48a4ea0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id ILXZydcbpXzhkqp6IVu095_k8SgwDTfq content-encoding gzip age 13281 x-gu-debug-url /PROD/frontend-static/javascripts/b77fe44b5793e11e369a/graun.article~facia~trail~youtube.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 6553 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 TR8fIeh0MtKSr3V+yIkBPqgekMiPNwVL74w+Mdn1aeMDLmfuZG5fmQGHgSfjUmx6F5TB7JqgbFg= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:17 GMT server AmazonS3 x-timer S1581084283.751383,VS0,VE0 etag "eb3a50712edf522695ca3781560146fe" vary Accept-Encoding x-amz-request-id 2DFA592FBB16A775 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 508
GET H2	200	graun.facia.js Show response assets.guim.co.uk/javascripts/fd5bf41d691a19b52983/	32 KB 10 KB	9ms 9ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/fd5bf41d691a19b52983/graun.facia.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 117e18dd0b54144b225d1446cc6f77e55c3ecd63d4b1ba5cdf2da3739a905a49 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id yegUvGvvCpox9ZKMxhDGtkMkj3zvZSX7 content-encoding gzip age 13260 x-gu-debug-url /PROD/frontend-static/javascripts/fd5bf41d691a19b52983/graun.facia.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 10019 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 pdeg/lpk0omJpNPqubWn5WD40mONg7xzaJUzWsR1NEs/hycfFBm6CkvJhKyzUbiK/PuySx4ilgA= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:18 GMT server AmazonS3 x-timer S1581084283.751550,VS0,VE0 etag "f922bfcb64a89bed0882277f780a1576" vary Accept-Encoding x-amz-request-id F2D7F81EF0914C10 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 285
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	48ms 31ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&component=banner-picker&value=cmpUi Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	collect www.google-analytics.com/	35 B 96 B	6ms 6ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=440800040&t=timing&_s=5&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Javascript%20Load&utv=enhancedEnd&utl=Enhanced%20end%20parse%20time&utt=2272&_u=aEDAAUAB~&jid=&gjid=&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=340719354 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Wed, 05 Feb 2020 03:55:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 209346 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	graun.youtube.js Show response assets.guim.co.uk/javascripts/50ea1bcfb287146f6c18/	623 B 662 B	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/50ea1bcfb287146f6c18/graun.youtube.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4b6f54d45b10982848015142bc50ca8e981269d1e0ffc40a07eaec1a575b67b7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id 03KTZqAxS0F28KjEjOxay_5G8puAPl7d content-encoding gzip age 13273 x-gu-debug-url /PROD/frontend-static/javascripts/50ea1bcfb287146f6c18/graun.youtube.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 328 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 Xr+wQeHgT1n1vYOlwDzfJF+XpIFomA0SV35mTtJFOOY1t3G1lYNtLZMhebXF8JxYOHbl3ZA5bW8= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 07 Feb 2020 10:21:15 GMT server AmazonS3 x-timer S1581084283.761080,VS0,VE0 etag "2f36c2db607c4ea1f4cf8e3c0f996757" vary Accept-Encoding x-amz-request-id A75584BDF0BADA78 via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 287
GET H2	200	comment-counts.json Show response api.nextgen.guardianapps.co.uk/discussion/	573 B 389 B	134ms 66ms	XHR application/json	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/discussion/comment-counts.json?shortUrls=/p/d4nj7,/p/d65zm,/p/d6c2q,/p/d82q7,/p/d847a,/p/d84j2,/p/d8585,/p/d85ex,/p/d863b,/p/d86jh,/p/d89zx,/p/d8bj2,/p/d8bpx,/p/d8c3t,/p/d8dak,/p/d8evz,/p/d8v6y,/p/d8x62,/p/d8x68 Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 695a3699a1513421422ec4da6d62a16886e0df8daed568869619335c1aef47a1 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 0 x-gu-backend-app discussion x-cache MISS, MISS status 200 content-length 193 x-served-by cache-lcy19265-LCY, cache-fra19143-FRA access-control-allow-origin * server nginx x-timer S1581084283.845864,VS0,VE28 x-gu-geolocation country:GB etag W/"hash7150414416059837416" vary Accept-Encoding,Origin,Accept content-type application/json via 1.1 varnish, 1.1 varnish cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 0, 0
GET H2	200	1CIHCoe87hyPHosXx1pYeVUoohvmIqh9cC_kNlV-CMHQ.json Show response interactive.guim.co.uk/docsdata/	761 B 887 B	6ms 6ms	XHR application/json	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://interactive.guim.co.uk/docsdata/1CIHCoe87hyPHosXx1pYeVUoohvmIqh9cC_kNlV-CMHQ.json Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ff00feccbd90e25199972bdca5e3be44c51f5101c64e2ba94ff463bf3530c2ff Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip vary Accept-Encoding age 24 via 1.1 varnish x-cache HIT status 200 content-length 488 x-amz-id-2 187A3JirKXg4W5TNEm9yuWieMoPQDAUqpFRRCjNBHlkxG5lm+P24DIXJg0Yk6anRfBZ7dXQ3pDo= x-served-by cache-fra19172-FRA last-modified Fri, 10 May 2019 11:01:53 GMT server AmazonS3 x-timer S1581084283.766807,VS0,VE0 etag "6e90bd10567891c986123fe96512d0c6" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-amz-request-id 34E503BB2C20C59F access-control-allow-origin * access-control-expose-headers Date cache-control max-age=30 accept-ranges bytes content-type application/json access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range x-cache-hits 1
GET H2	200	graun.vendors~Prebid.js.js Show response assets.guim.co.uk/javascripts/61e0c1c446139fc8785c/	230 KB 73 KB	6ms 6ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/61e0c1c446139fc8785c/graun.vendors~Prebid.js.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7a15c41017118cbb6aec614078866d3a6b577962ce0dd27903a35b61f50f4c5d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id O7WPYzq9lLFUyF2Cc3HQNIr3_RPG3Dl9 content-encoding gzip age 74433 x-gu-debug-url /PROD/frontend-static/javascripts/61e0c1c446139fc8785c/graun.vendors~Prebid.js.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 74009 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 1knLgPOtnLVmVZyn5hc+yRMmpafUNRRGvQ9DMX5Q98n6YdCGdOXpSciH9gVc+4xBbFIgwctG1hE= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Fri, 31 Jan 2020 10:44:26 GMT server AmazonS3 x-timer S1581084283.780015,VS0,VE0 etag "7b59aac1a67f35ada2a6755ca028425d" vary Accept-Encoding x-amz-request-id CC0C7688D543FF1F via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 491
GET H2	200	graun.43.js Show response assets.guim.co.uk/javascripts/1d15522bab7aaaf35d55/	512 B 774 B	8ms 8ms	Script application/javascript	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Full URL https://assets.guim.co.uk/javascripts/1d15522bab7aaaf35d55/graun.43.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ead0c25c8c90679a662945483c3e2aa1d57707ceb6cf5a11bf18db3fd7d7626e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id AA7R9gmEP0vK0_p3H6DeBWYWmCHUHd3g content-encoding gzip age 1462158 x-gu-debug-url /PROD/frontend-static/javascripts/1d15522bab7aaaf35d55/graun.43.js x-cache HIT status 200 date Fri, 07 Feb 2020 14:04:42 GMT content-length 342 strict-transport-security max-age=31536000 fastly-restarts 1 x-amz-id-2 0EtEEIN9eCbQIP2OGkrYPcrjDJMRWpgmG6verzF+RaqW2LW1QNSwJyibE+BUF8uSUO+kApmGxQo= x-served-by cache-fra19162-FRA access-control-allow-origin * last-modified Tue, 21 Jan 2020 15:53:21 GMT server AmazonS3 x-timer S1581084283.782127,VS0,VE0 etag "81e241c58579a19a9bf40fc60b639858" vary Accept-Encoding x-amz-request-id E9DAAF90DDF1098E via 1.1 varnish cache-control public, max-age=315360000 access-control-allow-credentials true accept-ranges bytes content-type application/javascript x-cache-hits 3247
GET H2	200	collect www.google-analytics.com/	35 B 96 B	6ms 6ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=440800040&t=timing&_s=6&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Javascript%20Load&utv=commercialStart&utl=Commercial%20start%20parse%20time&utt=2303&_u=aEDAAUAB~&jid=&gjid=&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=1307032020 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Wed, 05 Feb 2020 03:55:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 209346 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	403 Forbidden	var=OzoneLotameData ad.crwdcntrl.net/5/c=13271/pe=y/	0 0	63ms 42ms	Script application/javascript	34.241.79.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ad.crwdcntrl.net/5/c=13271/pe=y/var=OzoneLotameData Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/6e44a1bc13d23e788e5c/graun.commercial~enhanced.js Protocol HTTP/1.1 Server 34.241.79.175 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-79-175.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:42 GMT P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Access-Control-Allow-Origin * Cache-Control no-cache X-Server 10.45.15.139 Connection keep-alive Content-Type application/javascript;charset=UTF-8 Content-Length 94 Expires 0
GET H/1.1	200 OK	config.js Show response confiant-integrations.global.ssl.fastly.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/	33 KB 9 KB	72ms 51ms	Script text/javascript	151.101.113.194 FASTLY
General Check archive.org Show headers Download Go to Full URL http://confiant-integrations.global.ssl.fastly.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/6e44a1bc13d23e788e5c/graun.commercial~enhanced.js Protocol HTTP/1.1 Server 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash fbfc4c86c60329eaef456e4b7e0f914e18b900999695eb99139837b4f3f04ed7 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Content-Encoding gzip Age 2462 X-Cache HIT Connection keep-alive Content-Length 8196 x-amz-id-2 OQe2jBUK3iun+/FG0WmZePutbO06WpRdfTvr9u+q5fe++1/RWv7SPxtK2s3Zc+TZCziX2ehg9Y4= X-Served-By cache-hhn4034-HHN Last-Modified Fri, 07 Feb 2020 13:09:12 GMT Server AmazonS3 X-Timer S1581084283.834856,VS0,VE0 ETag "0cc378badd9c8ea699fe26b5b3d68986" x-amz-request-id 7BCC5F1726AE5309 Via 1.1 varnish Cache-Control public, max-age=900, stale-while-revalidate=3600 Accept-Ranges bytes Content-Type text/javascript X-Cache-Hits 286
GET H/1.1	200 OK	gpt.js Show response www.googletagservices.com/tag/js/	44 KB 15 KB	21ms 14ms	Script text/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.googletagservices.com/tag/js/gpt.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/6e44a1bc13d23e788e5c/graun.commercial~enhanced.js Protocol HTTP/1.1 Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8533b7600458d668c849ddcfa067c96b6aeebc6efa80a3843a8e8e5a61f9afd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server sffe ETag "421 / 107 of 1000 / last-modified: 1581031173" Vary Accept-Encoding Content-Type text/javascript Cache-Control private, max-age=900, stale-while-revalidate=3600 Timing-Allow-Origin * Content-Length 14799 X-XSS-Protection 0 Expires Fri, 07 Feb 2020 14:04:42 GMT
GET H/1.1	200 OK	ggcmb510.js Show response secure-dcr.imrworldwide.com/novms/js/2/	12 KB 5 KB	63ms 41ms	Script application/javascript	34.254.133.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://secure-dcr.imrworldwide.com/novms/js/2/ggcmb510.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/2bd0afab933b152ce5e4/graun.commercial.js Protocol HTTP/1.1 Server 34.254.133.173 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-133-173.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Content-Encoding gzip Last-Modified Tue, 07 Jan 2020 22:09:53 GMT Server nginx ETag "5e1501b1-112a" Access-Control-Allow-Methods POST, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Content-Length 4394
GET H2	200	v60.js Show response cdn-gl.imrworldwide.com/ Redirect Chain http://secure-au.imrworldwide.com/v60.js https://cdn-gl.imrworldwide.com/v60.js	21 KB 7 KB	23ms 9ms	Script text/javascript	2600:9000:214f:1000:2:42d9:3100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-gl.imrworldwide.com/v60.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:1000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id V6f0f8aPs4uc7kiNd9V1rxWOPadm6KHc content-encoding gzip last-modified Wed, 27 Mar 2019 02:17:52 GMT server AmazonS3 age 79641 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript status 200 cache-control max-age=86400 date Thu, 06 Feb 2020 15:58:37 GMT x-amz-cf-pop FRA53-C1 x-amz-cf-id f-11tgeghG1vDxk0-qVavQcDgjzw4sIPFFUZNwC3W6PMOaHMxd6ilg== via 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront) Redirect headers Location https://cdn-gl.imrworldwide.com:443/v60.js Date Fri, 07 Feb 2020 14:04:42 GMT Server awselb/2.0 Connection keep-alive Content-Length 150 Content-Type text/html
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=6035250&comscorekw=Network%20Front&ns__t=1581084282798&ns_c=GBK&cv=3.5&c8=%E5%BD%A9%E7%A5%A8%E4%BB%A3%E7%90%86_%E5%BD%A9%E7%A5%A8%E6%80%8E%E4%B9%88%E4%BB%... https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&comscorekw=Network%20Front&ns__t=1581084282798&ns_c=GBK&cv=3.5&c8=%E5%BD%A9%E7%A5%A8%E4%BB%A3%E7%90%86_%E5%BD%A9%E7%A5%A8%E6%80%8E%E4%B9%88%E4%BB...	0 528 B	36ms 35ms	Image text/plain	104.104.177.51 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&comscorekw=Network%20Front&ns__t=1581084282798&ns_c=GBK&cv=3.5&c8=%E5%BD%A9%E7%A5%A8%E4%BB%A3%E7%90%86_%E5%BD%A9%E7%A5%A8%E6%80%8E%E4%B9%88%E4%BB%A3%E7%90%86%5B4.1.8.5%5D&c7=http%3A%2F%2Fgzdfjspx.com%2F&c9=&cs_ak_ss=1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.104.177.51 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-104-177-51.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:42 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&comscorekw=Network%20Front&ns__t=1581084282798&ns_c=GBK&cv=3.5&c8=%E5%BD%A9%E7%A5%A8%E4%BB%A3%E7%90%86_%E5%BD%A9%E7%A5%A8%E6%80%8E%E4%B9%88%E4%BB%A3%E7%90%86%5B4.1.8.5%5D&c7=http%3A%2F%2Fgzdfjspx.com%2F&c9=&cs_ak_ss=1 Pragma no-cache Date Fri, 07 Feb 2020 14:04:42 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	most-read-geo.json Show response api.nextgen.guardianapps.co.uk/	34 KB 5 KB	71ms 50ms	XHR application/json	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/most-read-geo.json Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 32f5ca35a47e661a3fb6b22ad914d0e1b672b96e6e1cc106fdd94f5f48eae374 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 952 x-gu-backend-app onward x-cache HIT, MISS status 200 content-length 5295 x-served-by cache-lcy19225-LCY, cache-fra19143-FRA access-control-allow-origin * server nginx x-timer S1581084283.845816,VS0,VE12 x-gu-geolocation country:GB etag W/"hash-5632422926790098556" vary Accept-Encoding,Origin,Accept content-type application/json via 1.1 varnish, 1.1 varnish cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 1, 0
GET H2	200	city.json Show response api.nextgen.guardianapps.co.uk/weatherapi/	59 B 283 B	84ms 67ms	XHR application/json	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/weatherapi/city.json Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash b0c39d1dfb76fe7931eb76bae3da637a0b2c4b17876ba5d642c54d2b104920c1 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 0 x-gu-backend-app onward x-cache MISS, MISS status 200 content-length 80 x-served-by cache-lcy19277-LCY, cache-fra19143-FRA access-control-allow-origin * server nginx x-timer S1581084283.845865,VS0,VE28 x-gu-geolocation country:GB etag W/"hash-1410235996466346134" vary Accept-Encoding,Origin,Accept content-type application/json via 1.1 varnish, 1.1 varnish cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 0, 0
GET H2	200	vendorlist.json Show response vendorlist.consensu.org/	93 KB 17 KB	67ms 53ms	Fetch application/json	2600:9000:214f:8c00:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/vendorlist.json Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:8c00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0f7efc26d6f3c1ada7d801cad69ada79063504d429a26f28fd1e975aa6f90be6 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:43 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront status 200 access-control-allow-origin * last-modified Thu, 06 Feb 2020 16:00:48 GMT server AmazonS3 access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id aTawDVJL4EaVi7Ox0E_oSJ0jFjyuXU03 via 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront) cache-control max-age=604800 content-type application/json; charset=utf-8 x-amz-cf-id 3RKzy07Gjk1AAKCHjNyfwlCgjipjIXzTUKHCRt3XGxGVOqbHFoQeRw==
GET H/1.1	200 OK	apstag.js Show response c.amazon-adsystem.com/aax2/	87 KB 25 KB	91ms 70ms	Script application/javascript	143.204.201.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1d15522bab7aaaf35d55/graun.43.js Protocol HTTP/1.1 Server 143.204.201.153 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-153.fra53.r.cloudfront.net Software Server / Resource Hash 59b3d33f2fd94ea19425841c32e2fbfdfb82f3a8d7afabff60fc62737e918ac0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 07:18:25 GMT Content-Encoding gzip Server Server Age 24376 ETag bdd7a7c8657eec84539eff429805b578 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id XPgisMKbt_ukW85TlZPa0b1Z3DkQ_3izwNi1zMl0P5MV9HJcG875PA==
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	15ms 15ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=gzdfjspx.com Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	14ms 14ms	Script application/javascript	2a00:1450:4001:819::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=gzdfjspx.com Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020020602.js Show response securepubads.g.doubleclick.net/gpt/	167 KB 61 KB	114ms 46ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020602.js Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software sffe / Resource Hash 540699ff875c5af22c7ee10a4965e9b5813770ede77f1737fed1c49711f81042 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 21:11:09 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 62278 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:42 GMT
GET H/1.1	200 OK	glcfg510.js Show response cdn-gl.imrworldwide.com/novms/js/2/configs/	2 KB 1 KB	12ms 6ms	Script application/javascript	2600:9000:214f:1000:2:42d9:3100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js Requested by Host: secure-dcr.imrworldwide.com URL: http://secure-dcr.imrworldwide.com/novms/js/2/ggcmb510.js Protocol HTTP/1.1 Server 2600:9000:214f:1000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id sn2ZTpLIuKpdkjypQV0RdMgDh8xiIgC5 Content-Encoding gzip Age 4828 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 09 Dec 2019 14:40:16 GMT Server AmazonS3 Date Fri, 07 Feb 2020 13:29:45 GMT Vary Accept-Encoding Content-Type application/javascript Via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) Cache-Control max-age=86400 X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id eDPgAYxjQsbozsTOiwWKOZjxURJA35GtXlLxDTY55wYCiGuPsY4QjA==
GET H/1.1	200 OK	wrap.js Show response confiant-integrations.global.ssl.fastly.net/gpt/202001101133/	86 KB 30 KB	36ms 35ms	Script application/javascript	151.101.113.194 FASTLY
General Check archive.org Show headers Download Go to Full URL http://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js Requested by Host: confiant-integrations.global.ssl.fastly.net URL: http://confiant-integrations.global.ssl.fastly.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js Protocol HTTP/1.1 Server 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Content-Encoding gzip Age 164 X-Cache HIT Connection keep-alive Content-Length 30065 x-amz-id-2 FZM0E915ekBIygNZ3cRIS1mabMFfs5N6V5yiSbYUYLio7BweKBS8jebE2h8jYR9zNhFrqItWDFI= X-Served-By cache-hhn4034-HHN Last-Modified Mon, 13 Jan 2020 19:57:14 GMT Server AmazonS3 X-Timer S1581084283.909068,VS0,VE0 ETag "62e50166bfcd03e9d6305899d1bf1737" x-amz-request-id 7D820617F51D8FB3 Via 1.1 varnish Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Type application/javascript; charset=utf-8 X-Cache-Hits 104
GET H/1.1	200 OK	wrap.js Show response confiant-integrations.global.ssl.fastly.net/prebid/202001101133/	33 KB 12 KB	72ms 52ms	Script application/javascript	151.101.113.194 FASTLY
General Check archive.org Show headers Download Go to Full URL http://confiant-integrations.global.ssl.fastly.net/prebid/202001101133/wrap.js Requested by Host: confiant-integrations.global.ssl.fastly.net URL: http://confiant-integrations.global.ssl.fastly.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js Protocol HTTP/1.1 Server 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Content-Encoding gzip Age 332 X-Cache HIT Connection keep-alive Content-Length 12169 x-amz-id-2 jI46x00XqvfSCJVfGjfPs1YzNeGfxg1+r0wXEUI81sw3IhS3HsHHVxKMk+7TNwABtwy3IATlt2M= X-Served-By cache-hhn4053-HHN Last-Modified Mon, 13 Jan 2020 19:57:17 GMT Server AmazonS3 X-Timer S1581084283.945903,VS0,VE0 ETag "aecd520c5565494b99212f397ace223e" x-amz-request-id 85DA62ABA4843CAA Via 1.1 varnish Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Type application/javascript; charset=utf-8 X-Cache-Hits 670
GET H2	200	collect www.google-analytics.com/	35 B 96 B	6ms 6ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=440800040&t=timing&_s=7&dl=http%3A%2F%2Fgzdfjspx.com%2F&ul=en-us&de=GBK&dt=international%20network%20front&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Javascript%20Load&utv=commercialEnd&utl=Commercial%20end%20parse%20time&utt=2419&_u=aEDAAUAB~&jid=&gjid=&cid=213692129.1581084283&tid=UA-78705427-1&_gid=46876360.1581084283&cd3=theguardian.com&cd4=international&cd5=networkfront&cd9=international%2Finternational&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&cd29=http%3A%2F%2Fgzdfjspx.com%2F&cd30=international&cd31=ifpma&cd43=none&cd50=News&z=165296519 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Wed, 05 Feb 2020 03:55:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 209346 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	32ms 32ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&abTestRegister=%7B%22aboldTlsSupportDeprecationControl%22%3A%7B%22variantName%22%3A%22inTest%22%2C%22complete%22%3A%22false%22%7D%7D Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:42 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	pvg.gif phar.gu-web.net/count/	35 B 273 B	169ms 31ms	Image image/gif	34.246.5.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://phar.gu-web.net/count/pvg.gif Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.5.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-5-20.eu-west-1.compute.amazonaws.com Software / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:41 GMT Content-Encoding gzip Cache-Control private, no-store, no-cache Content-Length 57 Vary Accept-Encoding Connection keep-alive Content-Type image/gif
GET H2	200	2532632.json Show response api.nextgen.guardianapps.co.uk/weatherapi/city/	4 KB 2 KB	66ms 66ms	XHR application/json	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/weatherapi/city/2532632.json?_edition=int Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 693ae354e630e3e571974b40f2f4a1edb099e31e349cf40110afd0c014d4026e Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:42 GMT content-encoding gzip age 0 x-gu-backend-app onward x-cache MISS, MISS status 200 content-length 1465 x-served-by cache-lcy19261-LCY, cache-fra19143-FRA access-control-allow-origin * server nginx x-timer S1581084283.934484,VS0,VE28 x-gu-geolocation country:GB etag W/"hash5944478421550494723" vary Accept-Encoding,Origin,Accept content-type application/json via 1.1 varnish, 1.1 varnish cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 0, 0
GET H/1.1	200 OK	m secure-gl.imrworldwide.com/cgi-bin/ Redirect Chain http://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1581084282932&ci=au-guardian&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fgzdfjspx.com%2F&sr=1600x1200&tz=1 http://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1581084282932&ci=au-guardian&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fgzdfjspx.com%2F&sr=1600x1200&tz=1&ja=1	44 B 912 B	180ms 180ms	Image image/gif	2600:9000:214f:ec00:1e:a43d:b640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1581084282932&ci=au-guardian&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fgzdfjspx.com%2F&sr=1600x1200&tz=1&ja=1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2600:9000:214f:ec00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:43 GMT Via 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront) Server nginx X-Amz-Cf-Pop FRA53-C1 Access-Control-Allow-Methods POST, OPTIONS P3P P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM" Access-Control-Allow-Origin * Cache-Control no-cache X-Cache Miss from cloudfront Connection keep-alive Content-Type image/gif Content-Length 44 X-Amz-Cf-Id OilacERspz6JOmi1D9SRf0YSRpsF0YS_0tY6LC-Nf8SYgQpVB7S6jw== Expires Thu, 01 Dec 1994 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:43 GMT Via 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront) Server nginx X-Amz-Cf-Pop FRA53-C1 Access-Control-Allow-Methods POST, OPTIONS P3P P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM" Location http://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1581084282932&ci=au-guardian&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fgzdfjspx.com%2F&sr=1600x1200&tz=1&ja=1 Cache-Control no-cache X-Cache Miss from cloudfront Connection keep-alive Access-Control-Allow-Origin * Content-Length 0 X-Amz-Cf-Id c7iLcEypZEGl6XzXN6RD6VLo2k1QaraNSn_km8jmlBmURDE-ZlFdcg== Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H/1.1	200 OK	P505182AA-1D71-49D8-8287-AA222CD05424.js Show response cdn-gl.imrworldwide.com/conf/	32 KB 8 KB	6ms 6ms	Script application/javascript	2600:9000:214f:1000:2:42d9:3100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cdn-gl.imrworldwide.com/conf/P505182AA-1D71-49D8-8287-AA222CD05424.js Requested by Host: cdn-gl.imrworldwide.com URL: https://cdn-gl.imrworldwide.com/v60.js Protocol HTTP/1.1 Server 2600:9000:214f:1000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 018a373b9f31d2e699af81f3618b697c87de47a67d244a2cdb427be3ee8dc3ca Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id 9DdEAq9iCgjC3uhU.wGSM2L.bfoHKOtA Content-Encoding gzip Age 2827 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 06 Jan 2020 15:16:01 GMT Server AmazonS3 Date Fri, 07 Feb 2020 14:02:04 GMT Vary Accept-Encoding Content-Type application/javascript Via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) Cache-Control max-age=86400,s-maxage=86400 X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id bmBJiGXc70WfKJc8wqYYKZWVB7Og-SIHPp4dKRpHCaWMRues5ZHtRQ==
GET H/1.1	200 OK	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	267ms 247ms	XHR application/javascript	143.204.201.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol HTTP/1.1 Server 143.204.201.153 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-153.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers Date Fri, 07 Feb 2020 14:04:44 GMT Content-Encoding gzip Vary Accept-Encoding,Origin X-Amz-Cf-Pop FRA53-C1 Transfer-Encoding chunked X-Cache Miss from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Wed, 08 Jan 2020 04:09:03 GMT Server AmazonS3 Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript Via 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 X-Amz-Cf-Id 83RWUo0er82bkJa-Guu4shfsEukE_o-vsWdHLFkJxu1VRD6wTHPffg==
GET H2	200	2532632.json Show response api.nextgen.guardianapps.co.uk/weatherapi/forecast/	6 KB 1 KB	67ms 67ms	XHR application/json	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/weatherapi/forecast/2532632.json?_edition=int Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ae4dd17028ef8340e809a06e43f7a6f9dbc2a67c36a6ea29be353d11a23f00d0 Request headers Accept text/plain Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Feb 2020 14:04:43 GMT content-encoding gzip age 0 x-gu-backend-app onward x-cache MISS, MISS status 200 content-length 945 x-served-by cache-lcy19246-LCY, cache-fra19143-FRA access-control-allow-origin * server nginx x-timer S1581084283.004951,VS0,VE29 x-gu-geolocation country:GB etag W/"hash4081496253612592550" vary Accept-Encoding,Origin,Accept content-type application/json via 1.1 varnish, 1.1 varnish cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 0, 0
GET H/1.1	200 OK	nlsSDK600.bundle.min.js Show response cdn-gl.imrworldwide.com/novms/js/2/	164 KB 47 KB	7ms 6ms	Script application/javascript	2600:9000:214f:1000:2:42d9:3100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js Requested by Host: cdn-gl.imrworldwide.com URL: http://cdn-gl.imrworldwide.com/conf/P505182AA-1D71-49D8-8287-AA222CD05424.js Protocol HTTP/1.1 Server 2600:9000:214f:1000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 89d281be2d8967fc0d0384fc39c6822c9a86e5241dd5402eeb8041aaa05980da Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id PUtACx6Fr_ackL6Pw1Sr8dvxDnKL2NrR Content-Encoding gzip Age 362 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 09 Dec 2019 14:40:16 GMT Server AmazonS3 Date Fri, 07 Feb 2020 14:02:17 GMT Vary Accept-Encoding Content-Type application/javascript Via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) Cache-Control max-age=86400 X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id iyyCwMHbSiEBHp7L2vF7cu44YNLyJrz5tlyyue9k_T6XMAITJ9vkhA==
GET H/1.1	200 OK	ls.html cdn-gl.imrworldwide.com/novms/html/ Frame E028	0 0	6ms 6ms	Document text/html	2600:9000:214f:1000:2:42d9:3100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cdn-gl.imrworldwide.com/novms/html/ls.html Requested by Host: cdn-gl.imrworldwide.com URL: http://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js Protocol HTTP/1.1 Server 2600:9000:214f:1000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Host cdn-gl.imrworldwide.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Mon, 09 Dec 2019 14:40:15 GMT x-amz-server-side-encryption AES256 x-amz-version-id GRfTKSoq5msSTd6GAk8PLPdIzTF1l0gQ Server AmazonS3 Content-Encoding gzip Date Fri, 07 Feb 2020 13:46:46 GMT Cache-Control max-age=86400 Vary Accept-Encoding X-Cache Hit from cloudfront Via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id cOmmVKJKsm3D8Bag1tW-iAfTqgiVWs_PTCUB_WXnsmaKEQ6Xcw4Z6A== Age 2915
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	33ms 32ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&performance=%7B%22dns%22%3A13%2C%22connection%22%3A20%2C%22firstByte%22%3A1066%2C%22lastByte%22%3A870%2C%22domContentLoadedEvent%22%3A237%2C%22loadEvent%22%3A639%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22nav2%22%2C%22breaking-news%22%2C%22headlines%22%2C%22coronavirus%22%2C%22spotlight%22%2C%22today-in-focus%22%2C%22opinion%22%2C%22sport%22%2C%22brexit%22%2C%22securedrop%22%2C%22around-the-world%22%2C%22culture%22%2C%22labs-container-10%22%2C%22Labs%20front%20container%20%7C%20INT%20%7C%20international%20%7C%20container-11%20%7C%20Global%20health%20progress%20%7C%20IFPMA%20%7C%20card-0%20%7C%20Global%20health%20progress%22%2C%22Labs%20front%20container%20%7C%20INT%20%7C%20international%20%7C%20container-11%20%7C%20Global%20health%20progress%20%7C%20IFPMA%20%7C%20card-1%20%7C%20How%20innovative%20collaboration%20is%20key%20to%20tackling%20diseases%22%2C%22Labs%20front%20container%20%7C%20INT%20%7C%20international%20%7C%20container-11%20%7C%20Global%20health%20progress%20%7C%20IFPMA%20%7C%20card-2%20%7C%20How%20health%20services%20across%20the%20globe%20are%20being%20transformed%22%2C%22Labs%20front%20container%20%7C%20INT%20%7C%20international%20%7C%20container-11%20%7C%20Global%20health%20progress%20%7C%20IFPMA%20%7C%20card-3%20%7C%20The%20fragile%20state%20of%20drug%20supply%20chains%22%2C%22Labs%20front%20container%20%7C%20INT%20%7C%20international%20%7C%20container-11%20%7C%20Global%20health%20progress%20%7C%20IFPMA%20%7C%20card-4%20%7C%20Why%20it%20makes%20financial%20sense%20to%20achieve%20global%20universal%20healthcare%20by%202030%22%2C%22lifestyle%22%2C%22documentaries%22%2C%22explore%22%2C%22take-part%22%2C%22videos%22%2C%22video-playlist%22%2C%22in-pictures%22%2C%22most-viewed%22%2C%22trending-topics%22%2C%22footer%22%5D Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:43 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	32ms 31ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&performance=%7B%22dns%22%3A13%2C%22connection%22%3A20%2C%22firstByte%22%3A1066%2C%22lastByte%22%3A870%2C%22domContentLoadedEvent%22%3A237%2C%22loadEvent%22%3A639%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%2C%22assetsPerformance%22%3A%5B%7B%22name%22%3A%22standard%20boot%22%2C%22timing%22%3A2206%7D%2C%7B%22name%22%3A%22commercial%20request%22%2C%22timing%22%3A2209%7D%2C%7B%22name%22%3A%22commercial%20boot%22%2C%22timing%22%3A2302%7D%2C%7B%22name%22%3A%22enhanced%20request%22%2C%22timing%22%3A2210%7D%2C%7B%22name%22%3A%22enhanced%20boot%22%2C%22timing%22%3A2253%7D%5D%7D Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:43 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	32ms 31ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&adUnitWasHidden=false Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:43 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	english.svg uploads.guim.co.uk/2020/01/31/	8 KB 8 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/english.svg Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7f4c9760a8c4244b0435d5ac61494c6c300b4547b80bd052c2cc843282901317 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:43 GMT via 1.1 varnish age 2425 x-cache HIT status 200 content-length 8197 x-amz-id-2 55DrHMdyazKXNxPNBYvf+rfx2UrIfwRDEDp+M7KV3NigRBq6qHwRTv63xME7naNwxfERtzOjcbY= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:16 GMT server AmazonS3 x-timer S1581084284.896392,VS0,VE0 etag "ce1d8012724d444b017616a3ec024faf" strict-transport-security max-age=86400 x-amz-request-id 7AFC194813986EAB accept-ranges bytes content-type image/svg+xml x-cache-hits 24
POST H2	200	auction Show response elb.the-ozone-project.com/openrtb2/	5 B 210 B	313ms 187ms	XHR application/json	52.16.230.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elb.the-ozone-project.com/openrtb2/auction Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.16.230.80 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-230-80.eu-west-1.compute.amazonaws.com Software / Resource Hash 012da4e14fd20a94e2eb23c07942de5ae217f45c4ba64cf633856994dedb706e Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:44 GMT status 200 vary Origin content-type application/json access-control-allow-origin http://gzdfjspx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 5 expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	142 B 1 KB	189ms 168ms	XHR application/json	37.252.173.22 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL http://ib.adnxs.com/ut/v3/prebid Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol HTTP/1.1 Server 37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 59c3a864528e03253cfd9e2cad83387d5f89b8a4fd1f490bb5b22d64029dd0db Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Proxy-Origin 185.16.206.89; 185.16.206.89; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.113:80 AN-X-Request-Uuid 46f4b070-dc10-41ce-9761-fb1c0aae359f Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin http://gzdfjspx.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 142 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 114 B	87ms 30ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers status 204 date Fri, 07 Feb 2020 14:04:44 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-origin http://gzdfjspx.com
GET H/1.1	200 OK	cygnus Show response as-sec.casalemedia.com/	24 B 984 B	425ms 356ms	XHR application/json	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=208246&v=7.2&r=%7B%22id%22%3A%2271580b2172dc4e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228f66cad9f1cd88%22%2C%22ext%22%3A%7B%22siteID%22%3A%22208246%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22972a625229496c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22208246%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1& Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 27d4f0fe4004fc3c58141b60d017d565b26145722872d13fd4072ea78c6f0e1b Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:44 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Access-Control-Allow-Origin http://gzdfjspx.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 44 Expires Fri, 07 Feb 2020 14:04:44 GMT
GET H2	200	arj Show response guardian-d.openx.net/w/1.0/	173 B 570 B	126ms 73ms	XHR application/json	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://guardian-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fgzdfjspx.com%2F&ch=GBK&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=1f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe&nocache=1581084284072&x_gdpr_f=1&aus=970x250%2C728x90&divIds=dfp-ad--top-above-nav&auid=540279541&tps=c2Vucz1mJnB0MT0%2FaW50ZXJuYXRpb25hbCZwdDI9aW50JnB0Mz1uZXR3b3JrLWZyb250JnB0ND1uZyZwdDU9aW50ZXJuYXRpb25hbCZwdDc9ZGVza3RvcCZwdDk9fGs2YzhyYnl2ZDhmejg2eTJmaWNyfHx8& Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.174.3 / Resource Hash db604cb485c8397ae8a742b3604c5c06a7a41faaf074dfcf74c83db61fd51ca4 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip server OXGW/16.174.3 status 200 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin http://gzdfjspx.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 164 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	302	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.co... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfj...	0 -1 B	110ms 38ms	XHR text/plain	52.58.206.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213059d234a6c77b%22%2C%22pid%22%3A1116421%2C%22tid%22%3A%221f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-206-142.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:44 GMT access-control-allow-origin http://gzdfjspx.com location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213059d234a6c77b%22%2C%22pid%22%3A1116421%2C%22tid%22%3A%221f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" status 302 access-control-allow-credentials true content-type text/plain content-length 0 Redirect headers date Fri, 07 Feb 2020 14:04:44 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213059d234a6c77b%22%2C%22pid%22%3A1116421%2C%22tid%22%3A%221f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin http://gzdfjspx.com access-control-allow-credentials true content-type text/plain content-length 0
GET H2	200	hb Show response ice.360yield.com/ul_cb/	1 KB 1 KB	97ms 96ms	XHR application/json	52.58.206.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214b0c24d48f5048%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213059d234a6c77b%22%2C%22pid%22%3A1116421%2C%22tid%22%3A%221f27d0fb-8cf1-4f84-a92a-7f79b6f83cbe%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-206-142.eu-central-1.compute.amazonaws.com Software / Resource Hash 918c57214f0f9e2394deed7f750553c9299ac01c4278007f2cc4034a26fdb364 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin http://gzdfjspx.com access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 938
POST H2	204	hb Show response api.nextgen.guardianapps.co.uk/commercial/api/	0 147 B	66ms 65ms	XHR text/plain	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/commercial/api/hb Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Fri, 07 Feb 2020 14:04:44 GMT via 1.1 varnish, 1.1 varnish server nginx x-gu-backend-app commercial x-gu-geolocation country:GB x-served-by cache-lcy19259-LCY, cache-fra19143-FRA status 204 x-cache MISS, MISS access-control-allow-origin * cache-control private, no-store, no-cache, private access-control-allow-credentials true accept-ranges bytes, bytes x-timer S1581084285.519624,VS0,VE26 access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 0, 0
GET H2	200	arj Show response guardian-d.openx.net/w/1.0/	173 B 372 B	67ms 66ms	XHR application/json	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://guardian-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fgzdfjspx.com%2F&ch=GBK&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=795e00b8-b933-4316-b154-5efeea383742&nocache=1581084284501&x_gdpr_f=1&aus=300x250&divIds=dfp-ad--inline1&auid=540279541&tps=c2Vucz1mJnB0MT0%2FaW50ZXJuYXRpb25hbCZwdDI9aW50JnB0Mz1uZXR3b3JrLWZyb250JnB0ND1uZyZwdDU9aW50ZXJuYXRpb25hbCZwdDc9ZGVza3RvcCZwdDk9fGs2YzhyYnl2ZDhmejg2eTJmaWNyfHx8& Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.174.3 / Resource Hash de7c855f9239fc48084c7e9e55a9240557f29118a07ea958821a11b3b536da6c Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip server OXGW/16.174.3 status 200 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin http://gzdfjspx.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 165 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	hb Show response ice.360yield.com/	1 KB 1 KB	105ms 105ms	XHR application/json	52.58.206.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2230d0aed0aa8e496%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22192f154792ac122%22%2C%22pid%22%3A1116420%2C%22tid%22%3A%22795e00b8-b933-4316-b154-5efeea383742%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D%7D Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-206-142.eu-central-1.compute.amazonaws.com Software / Resource Hash 6f05f558f7665d01321f66c7760055111808f0680e44fe3546769939cc697d4c Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin http://gzdfjspx.com access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 966
POST H2	200	auction Show response elb.the-ozone-project.com/openrtb2/	5 B 210 B	178ms 178ms	XHR application/json	52.16.230.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elb.the-ozone-project.com/openrtb2/auction Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.16.230.80 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-230-80.eu-west-1.compute.amazonaws.com Software / Resource Hash 012da4e14fd20a94e2eb23c07942de5ae217f45c4ba64cf633856994dedb706e Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:44 GMT status 200 vary Origin content-type application/json access-control-allow-origin http://gzdfjspx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 5 expires 0
GET H/1.1	200 OK	cygnus Show response as-sec.casalemedia.com/	25 B 977 B	182ms 181ms	XHR application/json	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=208246&v=7.2&r=%7B%22id%22%3A%222295df11891e003%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2223e693c5c5b8ed6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22208246%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fgzdfjspx.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1& Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f6ed8383c6b0109a5dcb9d57fa725ef7f419d768d9bd85ecc13c90bd3a360f40 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:44 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Access-Control-Allow-Origin http://gzdfjspx.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 45 Expires Fri, 07 Feb 2020 14:04:44 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 58 B	30ms 30ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers status 204 date Fri, 07 Feb 2020 14:04:44 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-origin http://gzdfjspx.com
POST H2	200	v1 Show response hb-api.omnitagjs.com/hb-api/prebid/	188 B 608 B	178ms 118ms	XHR application/json	185.255.84.150 IGUANE-
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=http%253A%252F%252Fgzdfjspx.com%252F&CanonicalUrl=http%3A%2F%2Fgzdfjspx.com%2F%3Finternational Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.150 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash 0e931d4c081b9860706b6c1c017901d17b6ffb3284c5bfbf32daffedc36c703c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO PSA OUR" status 200 x-envoy-upstream-service-time 89 vary Accept-Encoding content-length 148 pragma no-cache server ayl-lb-fra02 access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin http://gzdfjspx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept-Encoding, Content-Type expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	142 B 1 KB	116ms 116ms	XHR application/json	37.252.173.22 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL http://ib.adnxs.com/ut/v3/prebid Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol HTTP/1.1 Server 37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash abeee31c8bb7f378d68f945d118f9a523f863556ffbf18e60ee1e8f8fcfbe6db Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Proxy-Origin 185.16.206.89; 185.16.206.89; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80 AN-X-Request-Uuid c350f2b1-3512-4a65-8caa-e1a909a88354 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin http://gzdfjspx.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 142 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	6 KB 4 KB	283ms 283ms	XHR text/plain	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562725702492543&correlator=1076183943506507&output=ldjh&impl=fif&adsid=NT&eid=21065536%2C21062888%2C21065304%2C21065305&vrg=2020020602&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200207&iu=%2F59666047%2Ftheguardian.com%2Finternational%2Ffront%2Fng&sz=320x50%7C1x1%7C2x2%7C728x90%7C940x230%7C900x250%7C970x250%7C88x71&fluid=height&fsb=1&scp=slot-fabric%3Dfabric1%26ad_group%3Dad_opt%26ad_h%3D14%26slot%3Dtop-above-nav&cust_params=sens%3Df%26pv%3Dk6c8rbyvd8fz86y2ficr%26bp%3Ddesktop%26si%3Df%26ab%3DoldTlsSupportDeprecationControl-control%26fr%3D0%26s%3Dinternational%26rp%3Ddotcom-platform%26dcre%3Df%26inskin%3Dt%26ct%3Dnetwork-front%26url%3D%253Finternational%26edition%3Dint%26p%3Dng%26k%3Dinternational%26pa%3Df&cookie_enabled=1&bc=23&abxe=1&lmt=1581084284&dt=1581084284512&dlt=1581084281583&idt=1464&frm=20&biw=1585&bih=1200&oid=3&adx=792&ady=18&adk=2414939258&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fgzdfjspx.com%2F&dssz=45&icsg=10752&std=18&vis=1&scr_x=0&scr_y=0&psz=1585x127&msz=1x126&ga_vid=213692129.1581084283&ga_sid=1581084285&ga_hid=440800040&fws=516&ohw=1585&btvi=0 Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash 6c573c9a2b51ea9263c6852917f6e8918477445e15a49f3cb57eec6e3eef56e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 3237 x-xss-protection 0 google-lineitem-id 147016167 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 105407479767 content-type text/plain; charset=UTF-8 access-control-allow-origin http://gzdfjspx.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2020020602.js Show response securepubads.g.doubleclick.net/gpt/	66 KB 24 KB	42ms 42ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020602.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software sffe / Resource Hash 8b835016d97f2e565c0fd54e2fe5fb017e768a26863309538d9a65d93535c86e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 21:11:09 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24886 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:44 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	6ms 5ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
POST H2	204	hb Show response api.nextgen.guardianapps.co.uk/commercial/api/	0 58 B	63ms 63ms	XHR text/plain	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/commercial/api/hb Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Fri, 07 Feb 2020 14:04:44 GMT via 1.1 varnish, 1.1 varnish server nginx x-gu-backend-app commercial x-gu-geolocation country:GB x-served-by cache-lcy19277-LCY, cache-fra19143-FRA status 204 x-cache MISS, MISS access-control-allow-origin * cache-control private, no-store, no-cache, private access-control-allow-credentials true accept-ranges bytes, bytes x-timer S1581084285.707463,VS0,VE24 access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 0, 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	8 KB 4 KB	282ms 281ms	XHR text/plain	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562725702492543&correlator=1076183943506507&output=ldjh&impl=fif&adsid=NT&eid=21065536%2C21062888%2C21065304%2C21065305&vrg=2020020602&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200207&iu=%2F59666047%2Ftheguardian.com%2Finternational%2Ffront%2Fng&sz=320x50%7C1x1%7C2x2%7C300x250%7C300x274&fluid=height&fsb=1&scp=ad_group%3Dad_opt%26ad_h%3D14%26slot%3Dinline1&cust_params=sens%3Df%26pv%3Dk6c8rbyvd8fz86y2ficr%26bp%3Ddesktop%26si%3Df%26ab%3DoldTlsSupportDeprecationControl-control%26fr%3D0%26s%3Dinternational%26rp%3Ddotcom-platform%26dcre%3Df%26inskin%3Dt%26ct%3Dnetwork-front%26url%3D%253Finternational%26edition%3Dint%26p%3Dng%26k%3Dinternational%26pa%3Df&cookie_enabled=1&bc=23&abxe=1&lmt=1581084284&dt=1581084284694&dlt=1581084281583&idt=1464&frm=20&biw=1585&bih=1200&oid=3&adx=1043&ady=1228&adk=3830723819&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fgzdfjspx.com%2F&dssz=46&icsg=10752&std=18&vis=1&scr_x=0&scr_y=0&psz=320x274&msz=300x274&ga_vid=213692129.1581084283&ga_sid=1581084285&ga_hid=440800040&fws=4&ohw=1300&btvi=1 Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash 2a5016f2f00ca6e1892ec4e6a9efb668c49924aad6923f247a8f4bbf9157d502 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 3899 x-xss-protection 0 google-lineitem-id 115217607 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138225686083 content-type text/plain; charset=UTF-8 access-control-allow-origin http://gzdfjspx.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	119 KB 27 KB	322ms 321ms	XHR text/plain	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562725702492543&correlator=1076183943506507&output=ldjh&impl=fif&adsid=NT&eid=21065536%2C21062888%2C21065304%2C21065305&vrg=2020020602&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200207&iu=%2F59666047%2Ftheguardian.com%2Finternational%2Ffront%2Fng&sz=320x50%7C1x1%7C2x2%7C88x87&fluid=height&scp=slot-fabric%3Dfabric2%26ad_group%3Dad_opt%26ad_h%3D14%26slot%3Dmerchandising-high%26outbrain-compliant%3Dfalse&cust_params=sens%3Df%26pv%3Dk6c8rbyvd8fz86y2ficr%26bp%3Ddesktop%26si%3Df%26ab%3DoldTlsSupportDeprecationControl-control%26fr%3D0%26s%3Dinternational%26rp%3Ddotcom-platform%26dcre%3Df%26inskin%3Dt%26ct%3Dnetwork-front%26url%3D%253Finternational%26edition%3Dint%26p%3Dng%26k%3Dinternational%26pa%3Df&cookie_enabled=1&bc=23&abxe=1&lmt=1581084284&dt=1581084284709&dlt=1581084281583&idt=1464&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=2579&adk=2864494255&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fgzdfjspx.com%2F&dssz=46&icsg=10752&std=18&vis=1&scr_x=0&scr_y=0&psz=1585x25&msz=1585x1&ga_vid=213692129.1581084283&ga_sid=1581084285&ga_hid=440800040&fws=4&ohw=1585&btvi=2 Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash e1289103afd73bccb45e3b70385562cbfecb082c71763ad7052352ff922128ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27829 x-xss-protection 0 google-lineitem-id 4942846255 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138285309257 content-type text/plain; charset=UTF-8 access-control-allow-origin http://gzdfjspx.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 4385	0 0	44ms 44ms	Fetch image/gif	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu46oJ9yIACGRNLQo4KB3H8kyMyPeJMjoLCmtKwZdFQtIV0PYdk523hcHQXCjmwMDup7l-L5PBMeejvCo70RRdJnF4OC5fgiFQRyntSC3SvgFeDhYQ-6RWX-0hzxAJVIG01iguoCP9R_T4pyFSkVg5KITYwbhI04YbVct5JQbUs2lOKvkK4m4yvEtWwN5s0Nu1m4ynYo6V5FoTd4yoMTSP6Gzm4qW63sKtHFhJ3nbenMp46S8d0ZIcw673_WnPuoL39ekUNPXZHqQudIWVWxMpRPMkwngcXDv_ur3A&sai=AMfl-YSQ6pbkGJrj79NQtL28VaWMYqqgjdUIJUdp-1UFRk5KJwMOVnqzOAoEidrEK-vxjDjguxOP_pHnm8J2nzf3020bP1FAZDdU7WFQG0CD&sig=Cg0ArKJSzDNTboqPR7MREAE&urlfix=1&adurl= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Feb 2020 14:04:44 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:44 GMT
GET H/1.1	200 OK	bounce Show response secure.adnxs.com/ Frame 4385 Redirect Chain https://secure.adnxs.com/ttj?id=11604344&size=728x90&promo_sizes=970x250,900x250&promo_alignment=center&pt1=http://gzdfjspx.com/&kw_pt1=http://gzdfjspx.com/&pt2=int&kw_pt2=int&pt3=network-front&kw_... https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D11604344%26size%3D728x90%26promo_sizes%3D970x250%2C900x250%26promo_alignment%3Dcenter%26pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26kw_pt1%3Dhttp%3A%2F%2Fgzdf...	8 KB 4 KB	35ms 35ms	Script application/javascript	37.252.173.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D11604344%26size%3D728x90%26promo_sizes%3D970x250%2C900x250%26promo_alignment%3Dcenter%26pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26kw_pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26pt2%3Dint%26kw_pt2%3Dint%26pt3%3Dnetwork-front%26kw_pt3%3Dnetwork-front%26pt4%3Dng%26kw_pt4%3Dng%26pt5%3Dinternational%26kw_pt5%3Dinternational%26pt6%3D%26kw_pt6%3D%26pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26kw_pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26pubclick%3D%5BINSERT_CLICK_TAG%5D%26custom_pub_data%3Dk6c8rbyvd8fz86y2ficr%26cb%3D1373392961%26pubclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuyMUD755tU9NfCwm4NrU7lVKWHDf2dbE71SAJ4sqhUPQ9y_ca6SGLXCIa28Aqv7IeYi6AfnAKyiKwhH1YnT6NNFMQ10lBHtJJttXBlRYLE3xd8uSbm7RWQesNqQBC5H_oz3cO4SGwcgIhd2yWeZVGAjTcSLHkO8zZS1Dea5tPtIUcV86h0SYgwJFUuoYKvyEE02Xf99beCnvVIczS1xNlMs85041j7-r54eymaM1CYr8k0k2ngrkuoCCPc6fiG3Xjv6ygC6jIZ_SR2qk2tQVpz8XcbagFjbiM%252526sai%25253DAMfl-YSjdd902RCfSPNmOLZ3dH-SANcv_hYryVUAAQwnFl5_qewtd1ieYHux_qQ2qIHB6YEGIJyde_dqvwdLGAA9NYKzFyTYnR1uspNUkJqF%252526sig%25253DCg0ArKJSzA1345hqAh13EAE%252526urlfix%25253D1%252526adurl%25253D Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 5b43a19c20b0d9990d2eb5248bd8a6d4fad2f9788336b089f58f8fdd486a17e4 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:46 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid a2f2da77-8091-4d15-9b6d-a8ab4bf228d9 Server nginx/1.13.4 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT AN-X-Request-Uuid c12ac0d2-6a6c-4753-937a-d44ac947ba79 Content-Type text/html; charset=utf-8 Server nginx/1.13.4 Location https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D11604344%26size%3D728x90%26promo_sizes%3D970x250%2C900x250%26promo_alignment%3Dcenter%26pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26kw_pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26pt2%3Dint%26kw_pt2%3Dint%26pt3%3Dnetwork-front%26kw_pt3%3Dnetwork-front%26pt4%3Dng%26kw_pt4%3Dng%26pt5%3Dinternational%26kw_pt5%3Dinternational%26pt6%3D%26kw_pt6%3D%26pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26kw_pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26pubclick%3D%5BINSERT_CLICK_TAG%5D%26custom_pub_data%3Dk6c8rbyvd8fz86y2ficr%26cb%3D1373392961%26pubclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuyMUD755tU9NfCwm4NrU7lVKWHDf2dbE71SAJ4sqhUPQ9y_ca6SGLXCIa28Aqv7IeYi6AfnAKyiKwhH1YnT6NNFMQ10lBHtJJttXBlRYLE3xd8uSbm7RWQesNqQBC5H_oz3cO4SGwcgIhd2yWeZVGAjTcSLHkO8zZS1Dea5tPtIUcV86h0SYgwJFUuoYKvyEE02Xf99beCnvVIczS1xNlMs85041j7-r54eymaM1CYr8k0k2ngrkuoCCPc6fiG3Xjv6ygC6jIZ_SR2qk2tQVpz8XcbagFjbiM%252526sai%25253DAMfl-YSjdd902RCfSPNmOLZ3dH-SANcv_hYryVUAAQwnFl5_qewtd1ieYHux_qQ2qIHB6YEGIJyde_dqvwdLGAA9NYKzFyTYnR1uspNUkJqF%252526sig%25253DCg0ArKJSzA1345hqAh13EAE%252526urlfix%25253D1%252526adurl%25253D P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.187:80 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 4385	72 KB 27 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b424ec6465b6e0dd6e6b9ece3fa59da2a273e14ce3cebfd444ad5b661fba16b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27618 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:44 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	74 KB 27 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18f31e7cf5554306ac5bf2bd314fb4aeb32cbf5379c8f6a0e156e5990b1b00ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27884 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:44 GMT
GET H/1.1	200 OK	pixel protected-by.clarium.io/ Frame 4385	68 B 345 B	171ms 38ms	Image image/png	18.195.158.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://protected-by.clarium.io/pixel?tag=wt_N29EZ2lUc3E4OFVTNHJyQkcwX054cGFma3JnLzIxODUzNDEyNzo3Mjh4OTA=&v=5&s=v31e0fvf5sk&id=eyJkZnAiOnsiYWQiOjI4MjI2NjA3LCJjIjoxMDU0MDc0Nzk3NjcsImwiOjE0NzAxNjE2NywibyI6MjE4NTM0MTI3LCJBIjoiLzU5NjY2MDQ3L3RoZWd1YXJkaWFuLmNvbS9pbnRlcm5hdGlvbmFsL2Zyb250L25nIiwieSI6MCwiY28iOjAsInMiOiJkZnAtYWQtLXRvcC1hYm92ZS1uYXYifX0%3D&sb=0&cb=5373118&h=gzdfjspx.com&d=eyJ3aCI6Ik4yOUVaMmxVYzNFNE9GVlROSEp5UWtjd1gwNTRjR0ZtYTNKbkx6SXhPRFV6TkRFeU56bzNNamg0T1RBPSIsIndkIjp7Im8iOjIxODUzNDEyNywidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.158.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-158-34.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:44 GMT Server nginx/1.14.0 (Ubuntu) Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 68 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	ad-render.gif phar.gu-web.net/count/	35 B 273 B	364ms 44ms	Image image/gif	34.246.5.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://phar.gu-web.net/count/ad-render.gif Protocol HTTP/1.1 Server 34.246.5.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-5-20.eu-west-1.compute.amazonaws.com Software / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:44 GMT Content-Encoding gzip Cache-Control private, no-store, no-cache Content-Length 57 Vary Accept-Encoding Connection keep-alive Content-Type image/gif
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	32ms 18ms	XHR application/json	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020020602&st=env Requested by Host: assets.guim.co.uk URL: https://assets.guim.co.uk/javascripts/1cc65aaccfa4fbba3775/graun.standard.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4363da491b70ae14d2bf40ccbd2133d28ee042a709b7c21482e4dac113b5a5ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers timing-allow-origin * date Fri, 07 Feb 2020 14:04:44 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5266 x-xss-protection 0
GET H/1.1	200 OK	sodar2.js Show response tpc.googlesyndication.com/sodar/	21 KB 8 KB	20ms 14ms	Script text/javascript	2a00:1450:4001:820::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020602.js Protocol HTTP/1.1 Server 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:44 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server sffe ETag "1580338855439378" Vary Accept-Encoding Content-Type text/javascript Cache-Control private, max-age=3000 Accept-Ranges bytes Content-Length 8104 X-XSS-Protection 0 Expires Fri, 07 Feb 2020 14:04:44 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/206/ Frame A800	0 0	6ms 5ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html Requested by Host: tpc.googlesyndication.com URL: http://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/206/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer http://gzdfjspx.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-type text/html content-length 11190 date Fri, 07 Feb 2020 13:48:41 GMT expires Sat, 06 Feb 2021 13:48:41 GMT last-modified Tue, 19 Nov 2019 17:13:16 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 963 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	sync Show response gum.criteo.com/ Frame 4385	51 B 375 B	42ms 12ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a Requested by Host: secure.adnxs.com URL: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D11604344%26size%3D728x90%26promo_sizes%3D970x250%2C900x250%26promo_alignment%3Dcenter%26pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26kw_pt1%3Dhttp%3A%2F%2Fgzdfjspx.com%2F%26pt2%3Dint%26kw_pt2%3Dint%26pt3%3Dnetwork-front%26kw_pt3%3Dnetwork-front%26pt4%3Dng%26kw_pt4%3Dng%26pt5%3Dinternational%26kw_pt5%3Dinternational%26pt6%3D%26kw_pt6%3D%26pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26kw_pt9%3D%7Ck6c8rbyvd8fz86y2ficr%7C%7C%7Ctop-above-nav%26pubclick%3D%5BINSERT_CLICK_TAG%5D%26custom_pub_data%3Dk6c8rbyvd8fz86y2ficr%26cb%3D1373392961%26pubclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuyMUD755tU9NfCwm4NrU7lVKWHDf2dbE71SAJ4sqhUPQ9y_ca6SGLXCIa28Aqv7IeYi6AfnAKyiKwhH1YnT6NNFMQ10lBHtJJttXBlRYLE3xd8uSbm7RWQesNqQBC5H_oz3cO4SGwcgIhd2yWeZVGAjTcSLHkO8zZS1Dea5tPtIUcV86h0SYgwJFUuoYKvyEE02Xf99beCnvVIczS1xNlMs85041j7-r54eymaM1CYr8k0k2ngrkuoCCPc6fiG3Xjv6ygC6jIZ_SR2qk2tQVpz8XcbagFjbiM%252526sai%25253DAMfl-YSjdd902RCfSPNmOLZ3dH-SANcv_hYryVUAAQwnFl5_qewtd1ieYHux_qQ2qIHB6YEGIJyde_dqvwdLGAA9NYKzFyTYnR1uspNUkJqF%252526sig%25253DCg0ArKJSzA1345hqAh13EAE%252526urlfix%25253D1%252526adurl%25253D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/javascript; charset=utf-8 status 200 cache-control private, max-age=3600 date Fri, 07 Feb 2020 14:04:44 GMT content-length 169 expires 60
GET H/1.1	200 OK	ttj Show response secure.adnxs.com/ Frame 4385	4 KB 3 KB	112ms 112ms	Script application/javascript	37.252.173.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/ttj?ttjb=1&bdc=1581084286&bdh=NEuugjWd9Kd38WrDZCXI9qoYIng.&&bdref=http%3A%2F%2Fgzdfjspx.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fgzdfjspx.com%2F,http%3A%2F%2Fgzdfjspx.com%2F&&id=11604344&size=728x90&promo_sizes=970x250,900x250&promo_alignment=center&pt1=http://gzdfjspx.com/&kw_pt1=http://gzdfjspx.com/&pt2=int&kw_pt2=int&pt3=network-front&kw_pt3=network-front&pt4=ng&kw_pt4=ng&pt5=international&kw_pt5=international&pt6=&kw_pt6=&pt9=|k6c8rbyvd8fz86y2ficr|||top-above-nav&kw_pt9=|k6c8rbyvd8fz86y2ficr|||top-above-nav&pubclick=[INSERT_CLICK_TAG]&custom_pub_data=k6c8rbyvd8fz86y2ficr&cb=1373392961&pubclickenc=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuyMUD755tU9NfCwm4NrU7lVKWHDf2dbE71SAJ4sqhUPQ9y_ca6SGLXCIa28Aqv7IeYi6AfnAKyiKwhH1YnT6NNFMQ10lBHtJJttXBlRYLE3xd8uSbm7RWQesNqQBC5H_oz3cO4SGwcgIhd2yWeZVGAjTcSLHkO8zZS1Dea5tPtIUcV86h0SYgwJFUuoYKvyEE02Xf99beCnvVIczS1xNlMs85041j7-r54eymaM1CYr8k0k2ngrkuoCCPc6fiG3Xjv6ygC6jIZ_SR2qk2tQVpz8XcbagFjbiM%2526sai%253DAMfl-YSjdd902RCfSPNmOLZ3dH-SANcv_hYryVUAAQwnFl5_qewtd1ieYHux_qQ2qIHB6YEGIJyde_dqvwdLGAA9NYKzFyTYnR1uspNUkJqF%2526sig%253DCg0ArKJSzA1345hqAh13EAE%2526urlfix%253D1%2526adurl%253D Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash e4cbf8a3f21f9ebfd355b1fc7351dfaf7b527cfa82e99677caac60f8c64fd882 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:47 GMT Content-Encoding gzip X-Creative-ID 72081643 Transfer-Encoding chunked P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid b5bcc94e-2c74-40c8-9eac-cf264b23caec Server nginx/1.13.4 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 9022	0 0	45ms 44ms	Fetch image/gif	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi2Ev0lglGcLWp7aahauKx3kUWz97ypUdq8HUqwX0wVFey4TayXZ_GsbJNb09H1D2ZhCbZdMXFLuwXnaPdRfMP6IiI4kM1ninKacHU_O-QpiKbqgtABRM_d5aSMxc6SQUbiXyHnBEAcLekXXqIMob6YBBuBje_KyH6uuiG-uVCfTiDQskPcl5rl5vh9z3cQG8WePhzc29GfR31-8VuAphRm_3pDRrgeI3Ib0wW68aHof010XrrRSLfsZ80h8FYH4llcN3TodD8J1gWGERcC_mrVbhz2rbloE0NBZA&sai=AMfl-YTIWRPcwIB4MWfcVg3zssSeoAhQ8C95RTaQ4L-Tqj0NkahmLTzCA1wWYiLnvWB6UNzJXMZuS8YnpoEK-qIj3iIbhJunqmfihCpCyi-E&sig=Cg0ArKJSzHykrW7nXwmgEAE&urlfix=1&adurl= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Feb 2020 14:04:45 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H/1.1	200 OK	ttj Show response secure.adnxs.com/ Frame 9022	8 KB 4 KB	108ms 35ms	Script application/javascript	37.252.173.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/ttj?id=11599635&pt1=http://gzdfjspx.com/&kw_pt1=http://gzdfjspx.com/&pt2=int&kw_pt2=int&pt3=network-front&kw_pt3=network-front&pt4=ng&kw_pt4=ng&pt5=international&kw_pt5=international&pt6=&kw_pt6=&pt9=|k6c8rbyvd8fz86y2ficr|||inline1&kw_pt9=|k6c8rbyvd8fz86y2ficr|||inline1&pubclick=[INSERT_CLICK_TAG]&custom_pub_data=k6c8rbyvd8fz86y2ficr&cb=16748047&pubclickenc=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuXyQmWCSAajPMmyrXDOpBwgNCZ3B2JjuaFE360mzYfpoW0HjOWNNxNoyZ969RvBg9bDwhqapU8i3cfS6y777A4jtPR5taets94Kr9NGwn-kDqlgd2t15irxcrLYjKkBzOGnkKOOXGiADQ1F-xlyL0a9KSmblyAHyrMKfB3yrmG9tFpH-0DW4JihzB_sYXHbpMmeQSaNT21LrlwU3mtsAaE_rhuahMvRANr2Rc6lbaS4I_gos3Q5FWROoTGjbIha7fnkh2VPN6bhMJ9Nxl5P2NRfJjsfyqnano%2526sai%253DAMfl-YREwDr60QDTXc9-86ofW-Cpeit_JgSdaDdP6szSK2e9e3Kdp_xHDeE6PhxQCKE3q4Ry-w8Iutf1C_u2e89whd6W5BNnZ7KSvkRmaYVh%2526sig%253DCg0ArKJSzBx-xfCF941AEAE%2526urlfix%253D1%2526adurl%253D Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash f168c82809410b4999e03d52ec4e618b988995445f1987a97101c9a4f6b56d9c Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:47 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 1d41fedf-6945-48da-afc0-e3c8e4c848d8 Server nginx/1.13.4 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 9022	72 KB 27 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b424ec6465b6e0dd6e6b9ece3fa59da2a273e14ce3cebfd444ad5b661fba16b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27618 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H/1.1	200 OK	pixel protected-by.clarium.io/ Frame 9022	68 B 345 B	40ms 40ms	Image image/png	18.195.158.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://protected-by.clarium.io/pixel?tag=wt_N29EZ2lUc3E4OFVTNHJyQkcwX054cGFma3JnLzIxODUzNDEyNzozMDB4MjUw&v=5&s=v31e0fvf626&id=eyJkZnAiOnsiYWQiOjI4MjI2NjA3LCJjIjoxMzgyMjU2ODYwODMsImwiOjExNTIxNzYwNywibyI6MjE4NTM0MTI3LCJBIjoiLzU5NjY2MDQ3L3RoZWd1YXJkaWFuLmNvbS9pbnRlcm5hdGlvbmFsL2Zyb250L25nIiwieSI6MCwiY28iOjAsInMiOiJkZnAtYWQtLWlubGluZTEifX0%3D&sb=0&cb=519169&h=gzdfjspx.com&d=eyJ3aCI6Ik4yOUVaMmxVYzNFNE9GVlROSEp5UWtjd1gwNTRjR0ZtYTNKbkx6SXhPRFV6TkRFeU56b3pNREI0TWpVdyIsIndkIjp7Im8iOjIxODUzNDEyNywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.158.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-158-34.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT Server nginx/1.14.0 (Ubuntu) Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 68 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 49 B	15ms 15ms	Image image/gif	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020020602&jk=1562725702492543&bg=!6eql6vJYI_kHFCdklHkCAAAAO1IAAAAKmQFXVPMGX5yuZmacjYTudbZKfB88hOCAnGrSRci3p7raMQDR3v-REXrigIqHTHaTgcFgtIDStchMJaJYNXpevBz6uJ251H8gdqtkX-jzP3eVrhacNo4DiCHFyIRBSZhpSDCoPrZID1T-lP961tUrdENdqtvVYVwgHCe8HttPUgjfEkwDBAKS9jlfcJ3wh5Bh5-SSOClzvi3m5I4jMLwOYR_SYhbXpZXwONibp2R1yJw4323_CVhyvv1U5nCMn2u3ZsyW-MEKihR2Ibi7pA_0zK8jnZRPb6gD2t2qXjg1CRpini-3SNlq2rCM7OLYGhaIvtpjA6lRWzbszHp6UBk6e0WrbhHvilQsCYiw1HPea2AvDMDwU5shgioQVP6NxJZWCDTvPDgM1sNOwn7JPEb8T2DezBZuyS_mPcAtgnUsAsKIdas89lA31z-A3OcGnrb-tsn3rrLfGhrCbA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:45 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0853	0 0	6ms 5ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: confiant-integrations.global.ssl.fastly.net URL: http://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer http://gzdfjspx.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html timing-allow-origin * content-length 2973 date Fri, 07 Feb 2020 13:49:17 GMT expires Sat, 06 Feb 2021 13:49:17 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 928 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H/1.1	200 OK	wrap.js Show response clarium.global.ssl.fastly.net/gpt/a/ Frame 4385	64 KB 22 KB	74ms 53ms	Script application/x-javascript	151.101.13.194 FASTLY
General Check archive.org Show headers Download Go to Full URL http://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash fced30ea7cfa7088a59b56b36a59a66b8d84a3f8e2fbd563ef762aa199e828ba Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip Age 2865 X-Cache HIT Connection keep-alive Content-Length 22222 X-Served-By cache-fra19141-FRA Last-Modified Wed, 05 Feb 2020 18:58:31 GMT Server nginx X-Timer S1581084285.168425,VS0,VE0 ETag "5e3b1057-ff24" Vary Accept-Encoding Content-Type application/x-javascript Via 1.1 varnish Cache-Control private, max-age=900, stale-while-revalidate=3600 Accept-Ranges bytes X-Cache-Hits 2690
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 4385	44 KB 15 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aba43a9180b22b22dbc73b976ead8532d7f88ed5cc545a48112d2a87079fc5b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "421 / 876 of 1000 / last-modified: 1581031058" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14806 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame 4385	45 KB 13 KB	112ms 40ms	Script application/javascript	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=10188&advId=${IO_ID}&campId=${CP_ID}&pubId=2888&chanId=1039227&placementId=72081643&planId=11604344&adsafe_par&bidurl=http%3A%2F%2Fgzdfjspx.com%2F&bidPr=0&uId=2594341773630831473&impId=7293188377993784688&respID=0 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 03720ffa7d5e70e52b0ca5a2a7e0978a57b4dd85d9b84d065a282b5f63334cc6 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-server-name app30.ie.303net.net access-control-allow-origin pixel.adsafeprotected.com content-type application/javascript;charset=utf-8 status 200 cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	anxresize.js Show response api.nextgen.guardianapps.co.uk/commercial/anx/ Frame 4385	173 B 585 B	113ms 37ms	Script text/javascript	151.101.13.111 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.nextgen.guardianapps.co.uk/commercial/anx/anxresize.js?width=728&height=90 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.111 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3f38434f98a31b46aa6db344b52c325c013e2f1e91b405694a9a0dee4d6fd7cb Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip age 869 x-gu-backend-app commercial x-cache HIT, HIT status 200 content-length 162 via 1.1 varnish, 1.1 varnish x-served-by cache-lcy19271-LCY, cache-fra19176-FRA server nginx x-timer S1581084285.204090,VS0,VE0 x-gu-geolocation country:GB etag W/"hash-2605227905608101673" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60, stale-while-revalidate=6, stale-if-error=864000, private access-control-allow-credentials true accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Accept,Content-Type x-cache-hits 2, 12
GET H/1.1	200 OK	it fra1-ib.adnxs.com/ Frame 4385	0 816 B	109ms 35ms	Image text/html	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fgzdfjspx.com%2F&e=wqT_3QKkA6CkAQAAAwDWAAUBCP_c9fEFEPDazrKFhqebZRjx9uOZkIO9gCQqNgkAAAkCABEJBwgAABkJCQjQPyEJCQgAACkRCfD9MQAAAOBRuJ4_MPiixAU4yBZAyBZIAlDrwa8iWKfFUGAAaMvsM3jXjgWAAQGKAQCSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAECyAEA0AEA2AEA4AEA8AEA2ALwJOAC-Osv6gIUaHR0cDovL2d6ZGZqc3B4LmNvbS-AAwCIAwGQAwCYAxmgAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDTE4NS4xNi4yMDYuODmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAOAEAPAE68GvIogFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAApBmjYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYJIRgAANoGFgoQEQ0RAVAQABgA4AYA8gYCCACABwGIBwCgBwA.&s=d4e3ace76f71d2c82591d6848137c83ce9662221 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:47 GMT AN-X-Request-Uuid b99b49f8-af3a-4b1a-b76d-c500dfa6cdcf Content-Type text/html; charset=utf-8 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	ttj Show response secure.adnxs.com/ Frame 9022	4 KB 3 KB	139ms 138ms	Script application/javascript	37.252.173.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/ttj?ttjb=1&bdc=1581084287&bdh=mhzsYjiO5sB36yLtfsutFQkvPbo.&&bdref=http%3A%2F%2Fgzdfjspx.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fgzdfjspx.com%2F,http%3A%2F%2Fgzdfjspx.com%2F&&id=11599635&pt1=http://gzdfjspx.com/&kw_pt1=http://gzdfjspx.com/&pt2=int&kw_pt2=int&pt3=network-front&kw_pt3=network-front&pt4=ng&kw_pt4=ng&pt5=international&kw_pt5=international&pt6=&kw_pt6=&pt9=|k6c8rbyvd8fz86y2ficr|||inline1&kw_pt9=|k6c8rbyvd8fz86y2ficr|||inline1&pubclick=[INSERT_CLICK_TAG]&custom_pub_data=k6c8rbyvd8fz86y2ficr&cb=16748047&pubclickenc=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuXyQmWCSAajPMmyrXDOpBwgNCZ3B2JjuaFE360mzYfpoW0HjOWNNxNoyZ969RvBg9bDwhqapU8i3cfS6y777A4jtPR5taets94Kr9NGwn-kDqlgd2t15irxcrLYjKkBzOGnkKOOXGiADQ1F-xlyL0a9KSmblyAHyrMKfB3yrmG9tFpH-0DW4JihzB_sYXHbpMmeQSaNT21LrlwU3mtsAaE_rhuahMvRANr2Rc6lbaS4I_gos3Q5FWROoTGjbIha7fnkh2VPN6bhMJ9Nxl5P2NRfJjsfyqnano%2526sai%253DAMfl-YREwDr60QDTXc9-86ofW-Cpeit_JgSdaDdP6szSK2e9e3Kdp_xHDeE6PhxQCKE3q4Ry-w8Iutf1C_u2e89whd6W5BNnZ7KSvkRmaYVh%2526sig%253DCg0ArKJSzBx-xfCF941AEAE%2526urlfix%253D1%2526adurl%253D Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 78c49687d4d755bf558c45bc41ffb51ad8a9cd015941a47998375c397b501bfb Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:47 GMT Content-Encoding gzip X-Creative-ID 72012134 Transfer-Encoding chunked P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.237:80 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid f76c00c9-bfa3-401c-bb1b-c01e0af22bdb Server nginx/1.13.4 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pubads_impl_2020013001.js Show response securepubads.g.doubleclick.net/gpt/ Frame 4385	167 KB 61 KB	43ms 42ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software sffe / Resource Hash 06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Jan 2020 14:09:03 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 62230 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	integrator.sync.js Show response adservice.google.de/adsid/ Frame 4385	113 B 178 B	15ms 14ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.sync.js?domain=gzdfjspx.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 108 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 4385	30 KB 11 KB	262ms 262ms	XHR text/plain	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2074054047136096&correlator=485695735943367&output=ldjh&impl=fif&eid=21065400%2C21063635&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200207&iu=%2F59666047%2Ftheguardian.com%2Fx-passback%2Fappnexus&sz=728x90&scp=url%3Dhttp%253A%252F%252Fgzdfjspx.com%252F%26edition%3Dint%26ct%3Dnetwork-front%26p%3Dng%26k%3Dinternational%26ab%3Dk6c8rbyvd8fz86y2ficr%26x%3Dtop-above-nav%26passback%3Dappnexus&eri=6&cookie=ID%3Dc3e267ef2f77bf82%3AT%3D1581084284%3AS%3DALNI_Mbg0W2RZlg5wCMWnF4Ne21aO4WYMA&cdm=gzdfjspx.com&bc=23&abxe=1&lmt=1581084285&dt=1581084285207&dlt=1581084284809&idt=386&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=24&adk=2719141283&uci=dw8x3j7z01y5&ifi=1&ifk=230204466&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fgzdfjspx.com%2F&top=gzdfjspx.com&dssz=13&icsg=346&mso=544&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=458708748.1581084285&ga_sid=1581084285&ga_hid=337318331&fws=256&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash c75b5148bfd6bb9ee39429c272b6d596d67a4ae563970c1ea8da6c8adcaa082d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 10898 x-xss-protection 0 google-lineitem-id 5164052351 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138286293287 content-type text/plain; charset=UTF-8 access-control-allow-origin http://gzdfjspx.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2020013001.js Show response securepubads.g.doubleclick.net/gpt/ Frame 4385	66 KB 24 KB	42ms 42ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software sffe / Resource Hash ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Jan 2020 14:09:03 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24903 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4385	0 0	5ms 5ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	200	main.19.8.40.js Show response static.adsafeprotected.com/ Frame 4385	162 KB 54 KB	25ms 8ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.19.8.40.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=10188&advId=${IO_ID}&campId=${CP_ID}&pubId=2888&chanId=1039227&placementId=72081643&planId=11604344&adsafe_par&bidurl=http%3A%2F%2Fgzdfjspx.com%2F&bidPr=0&uId=2594341773630831473&impId=7293188377993784688&respID=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf6d833839d32076b2e3f34065b32b2f8208d5a76687dc623d918a185ca1ccc Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Mon, 13 Jan 2020 11:59:01 GMT content-encoding gzip age 2167544 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Thu, 19 Dec 2019 20:35:24 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id w2p5hJ9tx24LIV6pu7fDukzvRHB0EjuR via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id ZSciNJ42UWNAd2JwWwXl65jfnm-kLXEIUHA5ZDB8DYplzu10rDZ-tg==
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/dmp/ Frame FBC4	0 0	118ms 39ms	Document text/html	151.101.113.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2888&pub_id=1039227 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate, br Cookie uuid2=2594341773630831473; anj=dTM7k!M4/8Erk#WF']wIg2IllpRl4H!]tbP6j2F-XstGtXt#r7!6p?j@[I.#; icu=ChgI-7Y_EAoYASABKAEw_9z18QU4AUABSAEQ_9z18QUYAA.. Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Server nginx/1.13.10 Content-Type text/html Last-Modified Fri, 31 Jan 2020 17:12:15 GMT ETag W/"5e345fef-ccb7" Expires Sat, 01 Feb 2020 17:12:18 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest 5800168945bdbc47aa0fad9812865bbb73094a44270f54cfab124d6b990af46a Content-Length 16893 Accept-Ranges bytes Date Fri, 07 Feb 2020 14:04:45 GMT Age 75138 Connection keep-alive X-Served-By cache-jfk8127-JFK, cache-hhn4054-HHN X-Cache HIT, HIT X-Cache-Hits 1, 418996 X-Timer S1581084285.336855,VS0,VE0 Vary Accept-Encoding
GET DATA	200 OK	truncated / Frame 4385	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0fd0542759a56fae23f592164ca0ad97a1b54507d0b5196cf818f18a95100835 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	jload Show response pixel.adsafeprotected.com/ Frame F2B3	45 KB 13 KB	62ms 42ms	Script application/javascript	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://pixel.adsafeprotected.com/jload?anId=10249&campId=728x90&pubId=28226607&chanId=87606687&placementId=147016167&pubCreative=105407479767&pubOrder=218534127&custom=network-front&custom2=top-above-nav&custom3=&adsafe_par&impId= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 1f58bf5bd3172b03b26b24a2e27406b0ea8ec840bca74186da114d420af6be9b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip X-Server-Name app15.ie.303net.net Transfer-Encoding chunked Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Origin pixel.adsafeprotected.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Server nginx Expires Wed, 31 Dec 1969 23:59:59 GMT
GET H/1.1	200 OK	script.js Show response acdn.adnxs.com/strikeforce/ Frame 9022	74 KB 27 KB	114ms 37ms	Script application/javascript	151.101.113.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/strikeforce/script.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 82ef2e76b179ee3e5765c3bc37d0c3238589aa41b1ca32ad631e29185ae19efe Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip Age 78831 X-Cache HIT, HIT X-Cache-Hits 932, 34922 Connection keep-alive Content-Length 27327 Via 1.1 varnish, 1.1 varnish X-Served-By cache-jfk8135-JFK, cache-hhn4055-HHN Last-Modified Wed, 22 Jan 2020 17:22:46 GMT Server nginx/1.13.10 Cache-Control max-age=86402 X-Timer S1581084285.365114,VS0,VE0 ETag W/"5e2884e6-128bb" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Fastly-Debug-Digest 9063599a5c805688d4e74802cd5163536d7bd670e0ce26fd303225b790233738 Accept-Ranges bytes Expires Fri, 31 Jan 2020 16:10:42 GMT
GET H/1.1	200 OK	wrap.js Show response clarium.global.ssl.fastly.net/gpt/a/ Frame 9022	64 KB 22 KB	37ms 37ms	Script application/x-javascript	151.101.13.194 FASTLY
General Check archive.org Show headers Download Go to Full URL http://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash fced30ea7cfa7088a59b56b36a59a66b8d84a3f8e2fbd563ef762aa199e828ba Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip Age 2865 X-Cache HIT Connection keep-alive Content-Length 22222 X-Served-By cache-fra19141-FRA Last-Modified Wed, 05 Feb 2020 18:58:31 GMT Server nginx X-Timer S1581084285.295582,VS0,VE0 ETag "5e3b1057-ff24" Vary Accept-Encoding Content-Type application/x-javascript Via 1.1 varnish Cache-Control private, max-age=900, stale-while-revalidate=3600 Accept-Ranges bytes X-Cache-Hits 2691
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 9022	44 KB 15 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aba43a9180b22b22dbc73b976ead8532d7f88ed5cc545a48112d2a87079fc5b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "421 / 183 of 1000 / last-modified: 1581031058" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14806 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame 9022	45 KB 13 KB	36ms 36ms	Script application/javascript	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=10188&advId=${IO_ID}&campId=${CP_ID}&pubId=2888&chanId=1039227&placementId=72012134&planId=11599635&adsafe_par&bidurl=http%3A%2F%2Fgzdfjspx.com%2F&bidPr=0&uId=2594341773630831473&impId=3360090422159446060&respID=0 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 964b6dcbb72c233a7fbdac304bbb038291f5cf00de89262286ab24ed628ecdc4 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-server-name app10.ie.303net.net access-control-allow-origin pixel.adsafeprotected.com content-type application/javascript;charset=utf-8 status 200 cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H/1.1	200 OK	it fra1-ib.adnxs.com/ Frame 9022	0 817 B	35ms 34ms	Image text/html	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fgzdfjspx.com%2F&e=wqT_3QKlA6ClAQAAAwDWAAUBCP_c9fEFEKyghtD7jdzQLhjx9uOZkIO9gCQqNgkAAAkCABEJBwgAABkBCRDXo9A_IQEJAQEAKQEFAQHw3jEAAABA4XqEPzCT_sMFOMgWQMgWSAJQ5qKrIlinxVBgAGjL7DN4-ZMFgAEBigEAkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQLIAQDQAQDYAQDgAQDwAQDYAvAk4AL46y_qAhRodHRwOi8vZ3pkZmpzcHguY29tL4ADAIgDAZADAJgDGaADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBAQvdHRqmAQAogQNMTg1LjE2LjIwNi44OagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggA4AQA8AQByDSIBQGYBQCgBQDABQDJBQH1HAAA8D_SBQkJCQxwAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYRIxDaBhYKEBENEQFQEAAYAOAGAPIGAggAgAcBiAcAoAcA&s=dbd16ee150309d6507b3750c8130cb8ffc674bf2 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:47 GMT AN-X-Request-Uuid b617b4eb-bd6b-4a35-b228-8c53f98730fa Content-Type text/html; charset=utf-8 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.16.206.89; 185.16.206.89; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame A7E8	81 KB 22 KB	9ms 9ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Mon, 13 Jan 2020 23:54:57 GMT content-encoding gzip age 2124589 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Mon, 13 Jan 2020 23:54:54 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id Y9GMEwGTOtRNcfrS37UnVFyQratUCOfoy4YcAOd7pQGTZGi9GwN8nQ==
GET H2	200	mon pixel.adsafeprotected.com/	43 B 216 B	33ms 33ms	Image image/gif	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=10188&advId=${IO_ID}&campId=${CP_ID}&pubId=2888&chanId=1039227&placementId=72081643&planId=11604344&adsafe_par&bidurl=http%3A%2F%2Fgzdfjspx.com%2F&bidPr=0&uId=2594341773630831473&impId=7293188377993784688&respID=0&adsafe_url=http%3A%2F%2Fgzdfjspx.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:3876b674-1422-90f4-e31c-0131b1c590aa,c:3y1dNU,sl:inView,em:true,fr:true,mn:app30,pt:1-5-15,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16|17,idMap:14*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:89,oid:cb4cdd42-49b2-11ea-9d97-0a62cd1421ac,v:19.8.40,sp:1,wr:1600.1200,sr:1600.1200,ov:0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:45 GMT x-server-name app18.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" status 200 cache-control no-cache content-type image/gif content-length 43 server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	287ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1dOi,pingTime:0,time:112,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:112,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[41~100],as:[41~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16|17,idMap:14*,rend:0,renddet:DIV,rmeas:0}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt13.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	pubads_impl_2020013001.js Show response securepubads.g.doubleclick.net/gpt/ Frame 9022	167 KB 61 KB	41ms 41ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software sffe / Resource Hash 06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Jan 2020 14:09:03 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 62230 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	integrator.sync.js Show response adservice.google.de/adsid/ Frame 9022	113 B 175 B	15ms 15ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.sync.js?domain=gzdfjspx.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 108 x-xss-protection 0
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	280ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1dOE,pingTime:-2,time:134,type:a,im:{sf:0,pom:1,prf:{beA:417,beZ:418,mfA:484,cmA:485,inA:485,inZ:491,prA:491,prZ:497,si:506,poA:506,poZ:515,cmZ:515,mfZ:515,loA:530,loZ:531,ltA:551,ltZ:551,mdA:418,mdZ:450}},sca:{dfp:{df:4,sz:728.90,dom:div}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:134,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[63~100],as:[63~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16|17,idMap:14*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_0,google_ads_iframe_/59666047/theguardian.com/international/front/ng_0__container__,dfp-ad--top-above-nav,bannerandheader],sinceFw:45,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt22.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	main.19.8.40.js Show response static.adsafeprotected.com/ Frame F2B3	162 KB 54 KB	12ms 6ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/main.19.8.40.js Requested by Host: pixel.adsafeprotected.com URL: http://pixel.adsafeprotected.com/jload?anId=10249&campId=728x90&pubId=28226607&chanId=87606687&placementId=147016167&pubCreative=105407479767&pubOrder=218534127&custom=network-front&custom2=top-above-nav&custom3=&adsafe_par&impId= Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf6d833839d32076b2e3f34065b32b2f8208d5a76687dc623d918a185ca1ccc Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 11:59:01 GMT Content-Encoding gzip Age 2167544 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Thu, 19 Dec 2019 20:35:24 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id w2p5hJ9tx24LIV6pu7fDukzvRHB0EjuR Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id 8gg_yUwgzS3EDy529KCM_76Z6l83KmVW0wQEmzwQez5CnOevUTH6Uw==
GET H2	200	italian.svg uploads.guim.co.uk/2020/01/31/	9 KB 10 KB	6ms 5ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/italian.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 68943950073d5d03361e52fc62b97a13c0e33a9c91f5b873960b483e6ef98bae Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT via 1.1 varnish age 2444 x-cache HIT status 200 content-length 9565 x-amz-id-2 kmq6x0sNxiM7azwKUNnMTwPYUAUvMIcTMliNXkXzEpmMR+r2DbzuCAhJT383Vpakucj5UB0wv20= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:17 GMT server AmazonS3 x-timer S1581084285.396033,VS0,VE0 etag "8512d6802c69384effc6457caa654be2" strict-transport-security max-age=86400 x-amz-request-id DC0F8DC4BF64D0F3 accept-ranges bytes content-type image/svg+xml x-cache-hits 182
GET H/1.1	200 OK	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame 8DAB	81 KB 22 KB	6ms 6ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 23:54:57 GMT Content-Encoding gzip Age 2124589 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Mon, 13 Jan 2020 23:54:54 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id 9FMdbCZCizF_ERYlo0l5-8fZvEAYqku0420RbkbRYl4jRqDax-v0rg==
GET H/1.1	200 OK	mon pixel.adsafeprotected.com/	43 B 305 B	36ms 36ms	Image image/gif	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.adsafeprotected.com/mon?anId=10249&campId=728x90&pubId=28226607&chanId=87606687&placementId=147016167&pubCreative=105407479767&pubOrder=218534127&custom=network-front&custom2=top-above-nav&custom3=&adsafe_par&impId=&adsafe_url=http%3A%2F%2Fgzdfjspx.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:a3c43510-175d-0ad1-4678-77dc6b952ecf,c:3y1dPG,sl:inView,em:true,fr:true,mn:app15,pt:1-5-15,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16|17,idMap:14*,pl:,rend:0,renddet:BODY,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:58,oid:cb5baa9c-49b2-11ea-bafc-0a320acf4edc,v:19.8.40,sp:1,wr:1600.1200,sr:1600.1200,ov:0 Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name app09.ie.303net.net P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	273ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1dQ2,pingTime:-2.1,time:220,type:a,env:{gcd:{appl:1,cnst:na,glbl:na,mtdt:undefined}},clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:220,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[149~100],as:[149~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16|17,idMap:14.a3c43510-175d-0ad1-4678-77dc6b952ecf.35_10249|14*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_0,google_ads_iframe_/59666047/theguardian.com/international/front/ng_0__container__,dfp-ad--top-above-nav,bannerandheader],sinceFw:45,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt13.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	180ms 160ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1dQ5,pingTime:0,time:82,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:82,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[43~100],as:[43~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16|17,idMap:14*,rend:0,renddet:BODY,rmeas:0}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt37.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 9022	30 KB 11 KB	335ms 334ms	XHR text/plain	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2802577559729742&correlator=1728441104820651&output=ldjh&impl=fif&eid=21064372%2C21064550%2C21065511&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200207&iu=%2F59666047%2Ftheguardian.com%2Fx-passback%2Fappnexus&sz=300x250&scp=url%3Dhttp%253A%252F%252Fgzdfjspx.com%252F%26edition%3Dint%26ct%3Dnetwork-front%26p%3Dng%26k%3Dinternational%26ab%3Dk6c8rbyvd8fz86y2ficr%26x%3Dinline1%26passback%3Dappnexus&eri=6&cookie=ID%3Dc3e267ef2f77bf82%3AT%3D1581084284%3AS%3DALNI_Mbg0W2RZlg5wCMWnF4Ne21aO4WYMA&cdm=gzdfjspx.com&bc=23&lmt=1581084285&dt=1581084285460&dlt=1581084284989&idt=465&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=2&adx=1043&ady=1258&adk=2342784336&uci=scnqs2ceerwf&ifi=1&ifk=441327354&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&nhd=1&iag=3&url=http%3A%2F%2Fgzdfjspx.com%2F&top=gzdfjspx.com&dssz=15&icsg=346&mso=32&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1806653749.1581084285&ga_sid=1581084285&ga_hid=820554667&fws=256&ohw=0&btvi=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash 792fb9e1adcd8ebbc24885c253de6c11d4274e8a665dd1aaf71b0e22db0291bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 10960 x-xss-protection 0 google-lineitem-id 5164052351 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138286578688 content-type text/plain; charset=UTF-8 access-control-allow-origin http://gzdfjspx.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2020013001.js Show response securepubads.g.doubleclick.net/gpt/ Frame 9022	66 KB 24 KB	46ms 46ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software sffe / Resource Hash ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Jan 2020 14:09:03 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24903 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9022	0 0	5ms 5ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	200	main.19.8.40.js Show response static.adsafeprotected.com/ Frame 9022	162 KB 54 KB	7ms 7ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.19.8.40.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=10188&advId=${IO_ID}&campId=${CP_ID}&pubId=2888&chanId=1039227&placementId=72012134&planId=11599635&adsafe_par&bidurl=http%3A%2F%2Fgzdfjspx.com%2F&bidPr=0&uId=2594341773630831473&impId=3360090422159446060&respID=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf6d833839d32076b2e3f34065b32b2f8208d5a76687dc623d918a185ca1ccc Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Mon, 13 Jan 2020 11:59:01 GMT content-encoding gzip age 2167544 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Thu, 19 Dec 2019 20:35:24 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id w2p5hJ9tx24LIV6pu7fDukzvRHB0EjuR via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id qyraGw9wZQLwiwplweIfytZksOY_Vpq2L5H-Dv3N5FUNv9AFoUzRLA==
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/dmp/ Frame 2837	0 0	42ms 42ms	Document text/html	151.101.113.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2888&pub_id=1039227 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate, br Cookie uuid2=2594341773630831473; anj=dTM7k!M4/8Erk#WF']wIg2IllpRl4H!]tbP6j2F-XstGtXt#r7!6p?j@[I.#; icu=ChgI-7Y_EAoYAiACKAIw_9z18QU4AkACSAIQ_9z18QUYAQ.. Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Server nginx/1.13.10 Content-Type text/html Last-Modified Fri, 31 Jan 2020 17:12:15 GMT ETag W/"5e345fef-ccb7" Expires Sat, 01 Feb 2020 17:12:18 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest 5800168945bdbc47aa0fad9812865bbb73094a44270f54cfab124d6b990af46a Content-Length 16893 Accept-Ranges bytes Date Fri, 07 Feb 2020 14:04:45 GMT Age 75138 Connection keep-alive X-Served-By cache-jfk8127-JFK, cache-hhn4055-HHN X-Cache HIT, HIT X-Cache-Hits 1, 426941 X-Timer S1581084285.483633,VS0,VE0 Vary Accept-Encoding
GET DATA	200 OK	truncated / Frame 9022	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a7fe5ce303346a455519856bc3c28790fb9803a9aa857cabfb747a84b771789 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	jload Show response pixel.adsafeprotected.com/ Frame 332B	45 KB 13 KB	36ms 35ms	Script application/javascript	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://pixel.adsafeprotected.com/jload?anId=10249&campId=300x250&pubId=28226607&chanId=87606687&placementId=115217607&pubCreative=138225686083&pubOrder=218534127&custom=network-front&custom2=inline1&custom3=&adsafe_par&impId= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 8638a9627757d1bcfad5de444ef8a19f3c7881df2172e8bb29d227c2e78e8eef Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip X-Server-Name app13.ie.303net.net Transfer-Encoding chunked Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Origin pixel.adsafeprotected.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Server nginx Expires Wed, 31 Dec 1969 23:59:59 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	185ms 164ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1dQE,pingTime:-2,time:117,type:a,im:{sf:0,pom:1,prf:{beA:117,beZ:118,mfA:153,cmA:153,inA:154,inZ:158,prA:158,prZ:162,si:175,poA:175,poZ:185,cmZ:185,mfZ:185,loA:200,loZ:202,ltA:234,ltZ:234,mdA:118,mdZ:138}},sca:{dfp:{df:4,sz:728.90,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:117,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[78~100],as:[78~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16|17,idMap:14*,rend:0,renddet:BODY,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_0,google_ads_iframe_/59666047/theguardian.com/international/front/ng_0__container__,dfp-ad--top-above-nav,bannerandheader],sinceFw:59,readyFired:true}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt51.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
OPTIONS H2	204	1a Show response i.clean.gg/ Frame 9022	0 264 B	161ms 109ms	XHR text/plain	34.95.69.49 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.69.49 , United States, ASN15169 (GOOGLE, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.17.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Access-Control-Request-Method POST Origin http://gzdfjspx.com Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Access-Control-Request-Headers content-type,x-api-key Response headers date Fri, 07 Feb 2020 14:04:45 GMT via 1.1 google alt-svc clear server nginx/1.17.4 access-control-allow-origin * access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8 status 204 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key content-length 0
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 6E9C	0 0	45ms 45ms	Fetch image/gif	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth8TxuSn7WS5Xl9xskL1U2L38fGlcNdspik6GlvodFL0zEy3y_rR5DKdKQGeH_D2mRYtWlZ9_vk3o4h4q6gRRtLLkm83NYf6My63DT5bagC3m2Jnyh0ifoZwfyMBWoEkY_klSJtv3mSLs-DoLd6VWZ204WOXH4KLG4UOqMpPn3MxIZ38_Y4rRHY-kQ5tNbKBVy7YnsG89A7q7Sf_bEwV8KHagVOMit8Kb3cOrRG_NKXQLOCwGvcNYwY89EOQTqL2ORk39mv4J3AsvRpK1QXOniWlpF0OlH2_nO&sig=Cg0ArKJSzFpXUpcx83FZEAE&adurl= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Feb 2020 14:04:45 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20200205/r20110914/ Frame 6E9C	22 KB 9 KB	5ms 5ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20200205/r20110914/abg_lite_fy2019.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0d87bf37c6fc07903bd72d21803d74e2d3edf742b1a05f497ebdfc60a7e7157a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 19:08:10 GMT content-encoding gzip x-content-type-options nosniff age 154595 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 8765 x-xss-protection 0 server cafe etag 11616804932124359057 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Feb 2020 19:08:10 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20200205/r20110914/client/ Frame 6E9C	3 KB 1 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20200205/r20110914/client/window_focus_fy2019.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4404f9a8c086e6c19f1b664ff4a917ef68d76bd1ea2dc61fa97c48977f99cb26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 19:08:40 GMT content-encoding gzip x-content-type-options nosniff age 154565 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1233 x-xss-protection 0 server cafe etag 5112019540083599776 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Feb 2020 19:08:40 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 6E9C	72 KB 27 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b424ec6465b6e0dd6e6b9ece3fa59da2a273e14ce3cebfd444ad5b661fba16b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27618 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	2011611419625817847 tpc.googlesyndication.com/simgad/ Frame 6E9C	57 KB 57 KB	6ms 6ms	Image image/gif	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2011611419625817847 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d81dcb94fb09783653b02546de2c118e4936804b084ef07a212b06180584db1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 31 Jan 2020 21:41:34 GMT x-content-type-options nosniff age 577391 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 58456 x-xss-protection 0 last-modified Fri, 31 Jan 2020 16:40:07 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Jan 2021 21:41:34 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 4385	74 KB 27 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18f31e7cf5554306ac5bf2bd314fb4aeb32cbf5379c8f6a0e156e5990b1b00ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27884 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H/1.1	200 OK	main.19.8.40.js Show response static.adsafeprotected.com/ Frame 332B	162 KB 54 KB	6ms 6ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/main.19.8.40.js Requested by Host: pixel.adsafeprotected.com URL: http://pixel.adsafeprotected.com/jload?anId=10249&campId=300x250&pubId=28226607&chanId=87606687&placementId=115217607&pubCreative=138225686083&pubOrder=218534127&custom=network-front&custom2=inline1&custom3=&adsafe_par&impId= Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf6d833839d32076b2e3f34065b32b2f8208d5a76687dc623d918a185ca1ccc Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 11:59:01 GMT Content-Encoding gzip Age 2167544 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Thu, 19 Dec 2019 20:35:24 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id w2p5hJ9tx24LIV6pu7fDukzvRHB0EjuR Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id 9H7xD-NtXq_QB9FBqSMWdmstjSCnh7FFxrN0A4b5wsO1PUJg3WkgtQ==
GET H2	200	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame AAEE	81 KB 22 KB	7ms 7ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Mon, 13 Jan 2020 23:54:57 GMT content-encoding gzip age 2124589 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Mon, 13 Jan 2020 23:54:54 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id b42Ch4tnHHjz67MyhhxW9Yfe1bPHnrlULQrPv7X7PBxAzgo50Nq8bg==
GET H2	200	mon pixel.adsafeprotected.com/	43 B 216 B	38ms 38ms	Image image/gif	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=10188&advId=${IO_ID}&campId=${CP_ID}&pubId=2888&chanId=1039227&placementId=72012134&planId=11599635&adsafe_par&bidurl=http%3A%2F%2Fgzdfjspx.com%2F&bidPr=0&uId=2594341773630831473&impId=3360090422159446060&respID=0&adsafe_url=http%3A%2F%2Fgzdfjspx.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:76990d21-9cab-b734-215c-08d5a2a9a5ce,c:3y1dS8,sl:outOfView,em:true,fr:true,mn:app10,pt:1-5-15,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rPP6x4Z+11|12|13|141|142|143|144|145|15|16*.10188|161|162|17,idMap:16*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:111,oid:cb5ac0da-49b2-11ea-b8b9-0634eb268b40,v:19.8.40,sp:1,wr:1600.1200,sr:1600.1200,ov:0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:45 GMT x-server-name app36.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" status 200 cache-control no-cache content-type image/gif content-length 43 server nginx
GET DATA	200 OK	truncated / Frame 6E9C	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5a31f667535f0142a78e0c4d84020dd778a4869c23832933b212929e1d0804b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	jload Show response pixel.adsafeprotected.com/ Frame 8CB3	45 KB 13 KB	32ms 32ms	Script application/javascript	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://pixel.adsafeprotected.com/jload?anId=10249&campId=728x90&pubId=39187647&chanId=85827087&placementId=5164052351&pubCreative=138286293287&pubOrder=371718807&custom=network-front&custom2=&custom3=&adsafe_par&impId= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 07b77b5ae98778550af1846d93a2d014de0a7384c3f9e74f15950c5fa058976b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip X-Server-Name app22.ie.303net.net Transfer-Encoding chunked Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Origin pixel.adsafeprotected.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Server nginx Expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	rum.js Show response securepubads.g.doubleclick.net/pagead/js/ Frame 9022	52 KB 20 KB	34ms 33ms	Script text/javascript	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/js/rum.js Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash 2b8f572665e3598bf13852e1b801da9e11f3805e5b643ad346b27df69e710b80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 13:09:02 GMT content-encoding gzip x-content-type-options nosniff age 3343 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 20276 x-xss-protection 0 server cafe etag 15181610696934527040 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Fri, 07 Feb 2020 14:09:02 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	94ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=76990d21-9cab-b734-215c-08d5a2a9a5ce&tv={c:3y1dTg,pingTime:-2,time:181,type:a,im:{sf:0,pom:1,prf:{beA:476,beZ:477,mfA:581,cmA:582,inA:582,inZ:583,prA:583,prZ:585,si:587,poA:587,poZ:613,cmZ:613,mfZ:613,loA:635,loZ:636,ltA:656,ltZ:656,mdA:478,mdZ:488}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:111}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:181,n:0,pp:0,pm:0},slEvents:[{sl:o,t:111,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[75~0],as:[75~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x18+11|12|13|14.10188|141|142|143|144|145|15|16*.10188|161|162|17,idMap:16*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_1,google_ads_iframe_/59666047/theguardian.com/international/front/ng_1__container__,dfp-ad--inline1,coronavirus],sinceFw:69,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt22.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	92ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1dTJ,pingTime:-10,time:449,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022020220000002002222000022220200000222220222020002222022002222200002220222022222222222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022020000000020000000000000000000002220002220000022200202202220022000200222022200220022222220020222222000220000222202222202222000002002002222222222220022202200022002220202202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF82KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzkuMC4zOTQ1Ljg4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1581084285674||ad31ee5037553ac6f86cb8c0ebeecab7||a9cfc38c8c27d8aade7b19701097beda||71445fb68f16e5fab1c658349f3d98f8||9eb51eca0619bf8b61e5d904a37a9b6d||324e20ea7786417fcd35faebf1839cf8||732b1dfc3bcf90243669dbe1911deeb2||92b80f8eecd1105aac719a7122af686d||1576000828} Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt47.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame C7CA	81 KB 22 KB	6ms 6ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 23:54:57 GMT Content-Encoding gzip Age 2124589 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Mon, 13 Jan 2020 23:54:54 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id 9i0zTVIA2lnkAWxS-_gxr67dGDpiEOo2RwjxMtj3_itAm9SMjUVpLA==
GET H/1.1	200 OK	mon pixel.adsafeprotected.com/	43 B 305 B	33ms 33ms	Image image/gif	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.adsafeprotected.com/mon?anId=10249&campId=300x250&pubId=28226607&chanId=87606687&placementId=115217607&pubCreative=138225686083&pubOrder=218534127&custom=network-front&custom2=inline1&custom3=&adsafe_par&impId=&adsafe_url=http%3A%2F%2Fgzdfjspx.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:6cc6d4e4-cff8-91a9-b451-a49843e40501,c:3y1dUf,sl:outOfView,em:true,fr:true,mn:app13,pt:1-5-15,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rPP6x6w+11|12|13|141|142|143|144|1451|146|15|16*.10249|161|162|163|17,idMap:16*,pl:,rend:1,renddet:A.qs.tn,rmeas:1,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:148,oid:cb7992d6-49b2-11ea-82b7-062810ec67f6,v:19.8.40,sp:1,wr:1600.1200,sr:1600.1200,ov:0 Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name app15.ie.303net.net P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	302	958153f1b8b96ec4c4eb2147429105d9.json Show response dw7nrwnn2bkh1.cloudfront.net/ Frame 9022 Redirect Chain https://i.clean.gg/1a https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json	0 -1 B	98ms 98ms	XHR text/html	34.95.69.49 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.69.49 , United States, ASN15169 (GOOGLE, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.17.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT via 1.1 google alt-svc clear server nginx/1.17.4 access-control-allow-origin * location https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json access-control-allow-methods GET, POST, OPTIONS content-type text/html status 302 access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key content-length 145 Redirect headers date Fri, 07 Feb 2020 14:04:45 GMT via 1.1 google server nginx/1.17.4 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key status 302 location https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range alt-svc clear content-length 145
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=76990d21-9cab-b734-215c-08d5a2a9a5ce&tv={c:3y1dUS,pingTime:-2.1,time:281,type:a,env:{gcd:{appl:1,cnst:na,glbl:na,mtdt:undefined}},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:111}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:281,n:0,pp:0,pm:0},slEvents:[{sl:o,t:111,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[175~0],as:[175~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x18+11|12|13|14.10188|141|142|143|144|145|15|16*.10188|161|162|17,idMap:16.6cc6d4e4-cff8-91a9-b451-a49843e40501.51_10249|16*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_1,google_ads_iframe_/59666047/theguardian.com/international/front/ng_1__container__,dfp-ad--inline1,coronavirus],sinceFw:69,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt22.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	main.19.8.40.js Show response static.adsafeprotected.com/ Frame 8CB3	162 KB 54 KB	6ms 6ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/main.19.8.40.js Requested by Host: pixel.adsafeprotected.com URL: http://pixel.adsafeprotected.com/jload?anId=10249&campId=728x90&pubId=39187647&chanId=85827087&placementId=5164052351&pubCreative=138286293287&pubOrder=371718807&custom=network-front&custom2=&custom3=&adsafe_par&impId= Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf6d833839d32076b2e3f34065b32b2f8208d5a76687dc623d918a185ca1ccc Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 11:59:01 GMT Content-Encoding gzip Age 2167544 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Thu, 19 Dec 2019 20:35:24 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id w2p5hJ9tx24LIV6pu7fDukzvRHB0EjuR Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id WGuBZeWikZ94k4i9jxMqroGEs4sgdsqRC9RjhOU-QL8gAZEcsoryow==
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=6cc6d4e4-cff8-91a9-b451-a49843e40501&tv={c:3y1dV9,pingTime:-2,time:203,type:a,im:{sf:0,pom:1,prf:{beA:87,beZ:88,mfA:214,cmA:215,inA:215,inZ:219,prA:219,prZ:224,si:235,poA:236,poZ:261,cmZ:261,mfZ:261,loA:276,loZ:278,ltA:290,ltZ:290,mdA:89,mdZ:98}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:147}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:203,n:0,pp:0,pm:0},slEvents:[{sl:o,t:147,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[74~0],as:[74~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x6w+11|12|13|141|142|143|144|1451|146|15|16*.10249|161|162|163|17,idMap:16*,rend:1,renddet:A.qs.tn,rmeas:1,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_1,google_ads_iframe_/59666047/theguardian.com/international/front/ng_1__container__,dfp-ad--inline1,coronavirus],sinceFw:54,readyFired:true}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt51.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
POST H2	204	csi csi.gstatic.com/ Frame 9022	0 304 B	60ms 30ms	Other image/gif	2a00:1450:400c:c0c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~k6c8req2&chm=1&ctx=2&gqid=fG49XsC7LM3igQevpZugDw&qqid=CMqim_nNv-cCFYO8ewod7XUHmQ&met.4=fb.8~lb.dg~ol.gf~idt.wh~dt.-87&met.9=1.a2~2.cx&met.3=197.dc~123.db_4~118.el~118.f8~118.fb~118.fb~118.fm~117.ge~118.hh~118.hl~143.hm_1~118.i1~118.i1~118.i5~118.i5~118.i6~118.i8~118.jb~118.l1~143.l6_1~118.lb~118.lg~118.lh~118.lo~113.lq_4~112.lp_5&met.1=1.k6c8re4d~14.0~15.0~16.0~17.0~18.0~19.0~20.ge~21.ge~22.f8~23.f8&met.7=CBsQCiAJOG0~CCoQChgBIAkoCTAaOBI~CBsQBiAMOCo~CBsQCiCAATiLAQ~CBsQCiCdAjiMAQ~CBsQCiCeAjgt~CA0QChgBIJ4CKJ4CMK0COA9onwJwrQJ4vXSAAdZziAH43wKwAQG4AQM~CBsQCiCfAjgk~CBsQBiChAjgj~CA4QChgBIOsCKOsCMKoDOD9o6wJwlAN4iOcDgAGW5gOIAbO5CrABAbgBAw~CDAQBxgBIOsCKOsCMPsCOBBo6wJw-gJ4rwGAAWyIAXGwAQG4AQM~CCwQChgBINsDKNsDMIwEODFo2wNwiQR4lcMBgAHHwgGIAYOSBLABAbgBAw~CBsQCiDeAzgK~CBsQBSDfAzgs~CBsQDSD4AzihAQ~CCgQChgBIPwEKPwEMKEFOCVo_QRwngV4558BgAG0ngGIAdOdA7ABAbgBAw Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::5e Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:45 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 204 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame E3CE	0 0	44ms 44ms	Fetch image/gif	216.58.207.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZFss8uGfanSBey12Ta9pr04fvvhZWi1XxBuwc5f-ZmEWnmJpuP31kYCVqft1-qZtynO3mtNc820yCn2lXu_3M5ODRbCODxMPk_KxRwOFoHUvY0oX3JPngD7n82MJguih3QlnucwP_gQjoePrptLWKOoGfy-zZPZWMWfPFCG7ovPK3uqRIXcGZXX43dn_H568hm_tZ2qaCUKTB5YmW30i66QXz6O2a2Zdl1ysddxmGwVyTrJIJV89GLpM_81xv-tKN4MITF4k6vqOV53YndTd0vZ--OModjr4Q&sig=Cg0ArKJSzHqpllv7OYvWEAE&adurl= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s24-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Feb 2020 14:04:45 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20200205/r20110914/ Frame E3CE	22 KB 9 KB	5ms 5ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20200205/r20110914/abg_lite_fy2019.js Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0d87bf37c6fc07903bd72d21803d74e2d3edf742b1a05f497ebdfc60a7e7157a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 19:08:10 GMT content-encoding gzip x-content-type-options nosniff age 154595 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 8765 x-xss-protection 0 server cafe etag 11616804932124359057 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Feb 2020 19:08:10 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20200205/r20110914/client/ Frame E3CE	3 KB 1 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20200205/r20110914/client/window_focus_fy2019.js Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4404f9a8c086e6c19f1b664ff4a917ef68d76bd1ea2dc61fa97c48977f99cb26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 19:08:40 GMT content-encoding gzip x-content-type-options nosniff age 154565 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1233 x-xss-protection 0 server cafe etag 5112019540083599776 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Feb 2020 19:08:40 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame E3CE	72 KB 27 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b424ec6465b6e0dd6e6b9ece3fa59da2a273e14ce3cebfd444ad5b661fba16b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27618 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H2	200	2823372601318627953 tpc.googlesyndication.com/simgad/ Frame E3CE	69 KB 70 KB	7ms 7ms	Image image/gif	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2823372601318627953 Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 454ced58f0e9c0eed82129589a1834b05174f353c31ef5ab45e7256c4393fc66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Sat, 01 Feb 2020 01:40:38 GMT x-content-type-options nosniff age 563047 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 71075 x-xss-protection 0 last-modified Fri, 31 Jan 2020 16:41:18 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Jan 2021 01:40:38 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 9022	74 KB 27 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/strikeforce/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18f31e7cf5554306ac5bf2bd314fb4aeb32cbf5379c8f6a0e156e5990b1b00ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:45 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1580907112712234" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27884 x-xss-protection 0 expires Fri, 07 Feb 2020 14:04:45 GMT
GET H/1.1	200 OK	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame 0FE6	81 KB 22 KB	8ms 8ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 23:54:57 GMT Content-Encoding gzip Age 2124589 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Mon, 13 Jan 2020 23:54:54 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id erV-hqkoXcQR4SC1y_rn2ZSrml7beAywx9YSxEgY578Shnyu1UQoBQ==
GET H/1.1	200 OK	mon pixel.adsafeprotected.com/	43 B 305 B	33ms 33ms	Image image/gif	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.adsafeprotected.com/mon?anId=10249&campId=728x90&pubId=39187647&chanId=85827087&placementId=5164052351&pubCreative=138286293287&pubOrder=371718807&custom=network-front&custom2=&custom3=&adsafe_par&impId=&adsafe_url=http%3A%2F%2Fgzdfjspx.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:e05ec63c-9b64-c271-9715-ed311ea2aa0b,c:3y1dWw,sl:inView,em:true,fr:true,mn:app22,pt:1-5-15,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165|17,idMap:145*,pl:,rend:0,renddet:WINDOW,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:92,oid:cb8e2cfa-49b2-11ea-88d6-0661a761d26a,v:19.8.40,sp:1,wr:1600.1200,sr:1600.1200,ov:0 Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name app31.ie.303net.net P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
OPTIONS H2	200	958153f1b8b96ec4c4eb2147429105d9.json Show response dw7nrwnn2bkh1.cloudfront.net/ Frame 9022	0 385 B	133ms 98ms	XHR text/plain	2600:9000:2057:7400:6:266a:9940:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:7400:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Access-Control-Request-Method GET Origin null Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Access-Control-Request-Headers content-type,x-api-key Response headers date Fri, 07 Feb 2020 14:04:46 GMT via 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop FRA6-C1 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods GET, POST status 200 access-control-max-age 600 x-cache Miss from cloudfront access-control-allow-origin * content-length 0 x-amz-cf-id Ur0rDGjx2fk8pGxvdMjMNP0tkwkCo4nyjWGg45Nh-qx6hW_PbikQbQ== access-control-allow-headers content-type, x-api-key
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	94ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1dWQ,pingTime:-2.2,time:642,type:a,im:{pci:{tdr:525}},clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:642,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[571~100],as:[571~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:111,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16.10188|17|145.10249,idMap:14.a3c43510-175d-0ad1-4678-77dc6b952ecf.35_10249|145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.27_10249|14*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_0,google_ads_iframe_/59666047/theguardian.com/international/front/ng_0__container__,dfp-ad--top-above-nav,bannerandheader],sinceFw:45,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt22.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1dWR,pingTime:-2.1,time:502,type:a,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:502,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[463~100],as:[463~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:271,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:0,renddet:BODY,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_0,google_ads_iframe_/59666047/theguardian.com/international/front/ng_0__container__,dfp-ad--top-above-nav,bannerandheader],sinceFw:59,readyFired:true}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt51.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	92ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1dWX,pingTime:0,time:118,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:119,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[41~100],as:[41~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT X-Server-Name dt37.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET DATA	200 OK	truncated / Frame E3CE	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8410b5700c9c0f1b3a46888c2e11869d1573276edf79f16c77ad95d1532dc120 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	jload Show response pixel.adsafeprotected.com/ Frame 94A9	45 KB 13 KB	32ms 32ms	Script application/javascript	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://pixel.adsafeprotected.com/jload?anId=10249&campId=300x250&pubId=39187647&chanId=85827087&placementId=5164052351&pubCreative=138286578688&pubOrder=371718807&custom=network-front&custom2=&custom3=&adsafe_par&impId= Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f8eb900f2ce095db453696d9e0f696a2c4de0286cffb6d8418a4816104daa542 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:45 GMT Content-Encoding gzip X-Server-Name app04.ie.303net.net Transfer-Encoding chunked Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Origin pixel.adsafeprotected.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Server nginx Expires Wed, 31 Dec 1969 23:59:59 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	184ms 164ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1dXO,pingTime:-2,time:171,type:a,im:{sf:0,pom:1,prf:{beA:145,beZ:146,mfA:221,cmA:222,inA:222,inZ:226,prA:226,prZ:230,si:237,poA:238,poZ:246,cmZ:246,mfZ:246,loA:265,loZ:268,ltA:316,ltZ:316,mdA:147,mdZ:155}},sca:{dfp:{df:4,sz:728.90,dom:div}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:171,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[93~100],as:[93~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_0,google_ads_iframe_/59666047/theguardian.com/international/front/ng_0__container__,dfp-ad--top-above-nav,bannerandheader],sinceFw:78,readyFired:true}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt04.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	gn secure-dcr.imrworldwide.com/cgi-bin/	44 B 524 B	34ms 34ms	Image image/gif	34.254.133.173 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-107857&ch=au-107857_c25_international_S&asn=international&sessionId=WOp1OHpHpDw7UdTP0810Q53fl9kkM1581084283&prv=1&c6=vc,c25&ca=NA&c13=asid,P505182AA-1D71-49D8-8287-AA222CD05424&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,theguardian&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15810842830208040&c30=bldv,6.0.0.474&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=international&c3=st,c&c64=starttm,1581084285&adid=international&c58=isLive,false&c59=sesid,&c61=createtm,1581084285&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=http%3A%2F%2Fgzdfjspx.com%2F&c66=mediaurl,&c62=sendTime,1581084286&rnd=256631 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.133.173 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-133-173.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:46 GMT server nginx access-control-allow-origin * access-control-allow-methods POST, OPTIONS p3p P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM" status 200 cache-control no-cache content-type image/gif content-length 44 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	958153f1b8b96ec4c4eb2147429105d9.json Show response dw7nrwnn2bkh1.cloudfront.net/ Frame 9022	4 KB 5 KB	6ms 6ms	XHR application/json	2600:9000:2057:7400:6:266a:9940:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:7400:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1338a0906d667c3a0e5f5d95d572caaae4841e915cade46d266ffadf1c949053 Request headers Referer http://gzdfjspx.com/ Origin null User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 x-api-key cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt Content-Type application/json Response headers date Thu, 06 Feb 2020 14:16:08 GMT via 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 85719 x-cache Hit from cloudfront status 200 content-length 4306 last-modified Thu, 06 Feb 2020 14:15:54 GMT server AmazonS3 etag "bddd24d965b6af8696f4566cf6ed02d7" access-control-max-age 600 access-control-allow-methods GET, POST content-type application/json access-control-allow-origin * x-amz-cf-pop FRA6-C1 accept-ranges bytes x-amz-cf-id _cKK0-bC-jEaC1mi4c8q08OagH9n6IVYhXbv8bxTvGE8LpbHC2p4Ow==
GET H/1.1	200 OK	main.19.8.40.js Show response static.adsafeprotected.com/ Frame 94A9	162 KB 54 KB	8ms 8ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/main.19.8.40.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf6d833839d32076b2e3f34065b32b2f8208d5a76687dc623d918a185ca1ccc Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 11:59:01 GMT Content-Encoding gzip Age 2167545 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Thu, 19 Dec 2019 20:35:24 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id w2p5hJ9tx24LIV6pu7fDukzvRHB0EjuR Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id Ytdlfac38kPc1cg-mReSkl6GzWUtgd9VBN9XwN6TYOKc5LI8xcQ_-Q==
GET H/1.1	200 OK	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame FE93	81 KB 22 KB	6ms 6ms	Script application/javascript	2600:9000:214f:b200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 13 Jan 2020 23:54:57 GMT Content-Encoding gzip Age 2124590 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Last-Modified Mon, 13 Jan 2020 23:54:54 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id v99yBOvmcripm7xa8K9kYNNQZGi8YIRdOChs0R3SsGn1gmB1jzSpIw==
GET H/1.1	200 OK	mon pixel.adsafeprotected.com/	43 B 305 B	33ms 33ms	Image image/gif	52.50.154.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.adsafeprotected.com/mon?anId=10249&campId=300x250&pubId=39187647&chanId=85827087&placementId=5164052351&pubCreative=138286578688&pubOrder=371718807&custom=network-front&custom2=&custom3=&adsafe_par&impId=&adsafe_url=http%3A%2F%2Fgzdfjspx.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:2160e02c-d31f-f988-9c3d-3b68f93300e7,c:3y1e08,sl:outOfView,em:true,fr:true,mn:app04,pt:1-5-15,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rPP6xdW+11|12|13|141|142|143|144|1451|1452|146|15|161|162|163|164|165*.10249|1651|166|17,idMap:165*,pl:,rend:0,renddet:WINDOW,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:53,oid:cbbcb637-49b2-11ea-afbf-061b2abdf756,v:19.8.40,sp:1,wr:1600.1200,sr:1600.1200,ov:0 Protocol HTTP/1.1 Server 52.50.154.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-154-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name app38.ie.303net.net P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	94ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=76990d21-9cab-b734-215c-08d5a2a9a5ce&tv={c:3y1e0O,pingTime:-2.2,time:649,type:a,clog:[{piv:0,vs:o,r:l,w:300,h:250,t:111}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:649,n:0,pp:0,pm:0},slEvents:[{sl:o,t:111,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[543~0],as:[543~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:178,fm:rPP6x18+11|12|13|14.10188|141|142|143|144|145.10249|15|16*.10188|161|162|17|165.10249,idMap:16.6cc6d4e4-cff8-91a9-b451-a49843e40501.51_10249|165.2160e02c-d31f-f988-9c3d-3b68f93300e7.51_10249|16*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_1,google_ads_iframe_/59666047/theguardian.com/international/front/ng_1__container__,dfp-ad--inline1,coronavirus],sinceFw:69,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt22.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	92ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=6cc6d4e4-cff8-91a9-b451-a49843e40501&tv={c:3y1e0P,pingTime:-2.1,time:555,type:a,clog:[{piv:0,vs:o,r:l,w:300,h:250,t:147}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:555,n:0,pp:0,pm:0},slEvents:[{sl:o,t:147,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[425~0],as:[425~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:rPP6x6w+11|12|13|141|142|143|144|145.10249|1451|146|15|16*.10249|161|162|163|17|165.10249,idMap:165.2160e02c-d31f-f988-9c3d-3b68f93300e7.53_10249|16*,rend:1,renddet:A.qs.tn,rmeas:1,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_1,google_ads_iframe_/59666047/theguardian.com/international/front/ng_1__container__,dfp-ad--inline1,coronavirus],sinceFw:54,readyFired:true}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt04.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	91ms 91ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1e19,time:768,type:e,im:{pci:{tdr:539}},es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:768,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[729~100],as:[729~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:145,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt37.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	94ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=2160e02c-d31f-f988-9c3d-3b68f93300e7&tv={c:3y1e1b,pingTime:-2,time:117,type:a,im:{sf:0,pom:1,prf:{beA:120,beZ:121,mfA:148,cmA:149,inA:149,inZ:156,prA:156,prZ:164,si:172,poA:173,poZ:206,cmZ:206,mfZ:206,loA:219,loZ:222,ltA:236,ltZ:236,mdA:121,mdZ:131}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:52}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:117,n:0,pp:0,pm:0},slEvents:[{sl:o,t:52,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[84~0],as:[84~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rPP6xdW+11|12|13|141|142|143|144|1451|1452|146|15|161|162|163|164|165*.10249|1651|166|17,idMap:165*,rend:0,renddet:WINDOW,rmeas:0,slid:[google_ads_iframe_/59666047/theguardian.com/international/front/ng_1,google_ads_iframe_/59666047/theguardian.com/international/front/ng_1__container__,dfp-ad--inline1,coronavirus],sinceFw:62,readyFired:true}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt51.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	92ms 91ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=76990d21-9cab-b734-215c-08d5a2a9a5ce&tv={c:3y1e1U,time:717,type:e,im:{pci:{tdr:549}},es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:717,n:0,pp:0,pm:0},slEvents:[{sl:o,t:111,wc:0.0.1600.1200,ac:1043.1258.300.250,am:i,cc:1043.1258.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[611~0],as:[611~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:178,fm:rPP6x18+11|12|13|14.10188|141|142|143|144|145.10249|15|16*.10188|161|162|17|165.10249,idMap:16.6cc6d4e4-cff8-91a9-b451-a49843e40501.51_10249|165.2160e02c-d31f-f988-9c3d-3b68f93300e7.51_10249|16*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt47.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	92ms 91ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1e4r,pingTime:1,time:1113,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1113,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1042~100],as:[1042~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:147,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16.10188|17|145.10249|165.10249,idMap:14.a3c43510-175d-0ad1-4678-77dc6b952ecf.35_10249|145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.27_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt47.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1e4r,pingTime:1,time:1113,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1113,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1042~100],as:[1042~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:147,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16.10188|17|145.10249|165.10249,idMap:14.a3c43510-175d-0ad1-4678-77dc6b952ecf.35_10249|145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.27_10249|14*,rend:1,renddet:IMG.qs,rmeas:1,metricId:publ1,cmr:t}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt22.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 93ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1e4s,pingTime:1,time:1114,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1114,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1043~100],as:[1043~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:147,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16.10188|17|145.10249|165.10249,idMap:14.a3c43510-175d-0ad1-4678-77dc6b952ecf.35_10249|145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.27_10249|14*,rend:1,renddet:IMG.qs,rmeas:1,metricId:grpm1,cmr:t}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt13.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	101ms 101ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1e6e,pingTime:1,time:1083,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1083,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1044~100],as:[1044~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:93,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt51.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	92ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1e6f,pingTime:1,time:1084,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1084,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1045~100],as:[1045~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:93,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt37.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1e6f,pingTime:1,time:1084,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1084,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1045~100],as:[1045~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:93,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1,metricId:publ1,cmr:t}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt04.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	179ms 159ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1e6g,pingTime:1,time:1085,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1085,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1046~100],as:[1046~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:93,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1,metricId:grpm1,cmr:t}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt21.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4385	42 B 110 B	15ms 15ms	Image image/gif	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7oopRUA1pPwgE2FLlsl6oa-3pICgJIe81S98PWqBkzQuFAVUsPhaLHS70mdnhV8QXTdeTn3KJ6JAcakStjQr2jWTA3nKTuhHFqqX6uFo&sig=Cg0ArKJSzEwiNJUGNctEEAE&adk=2414939258&tt=-1&bs=1585%2C1200&mtos=1090,1090,1090,1090,1090&tos=1090,0,0,0,0&p=24,429,114,1157&sbeos=0&mcvt=1090&rs=0&ht=0&tfs=126&tls=1216&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581084284819&dlt&rpt=437&isd=0&msd=0&ext&phel=1&phell=1&xdi=0&ps=1585%2C10344&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-5-10-10-0-0-0&tvt=1212&is=728%2C90&iframe_loc=http%3A%2F%2Fgzdfjspx.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200205 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:46 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	95ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1ed8,pingTime:1,time:1121,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1121,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1043~100],as:[1043~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165.10249|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt21.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	94ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1ed8,pingTime:1,time:1121,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1121,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1043~100],as:[1043~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165.10249|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt51.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	94ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1ed9,pingTime:1,time:1122,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1122,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1044~100],as:[1044~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165.10249|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0,metricId:publ1,cmr:t}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt04.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1ed9,pingTime:1,time:1122,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1122,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1044~100],as:[1044~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165.10249|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0,metricId:grpm1,cmr:t}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:46 GMT X-Server-Name dt37.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	spanish.svg uploads.guim.co.uk/2020/01/31/	9 KB 9 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/spanish.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cce67a41007675471b8696c5d08eab6d6be00c1e1cdfebca5a0f81ef540296eb Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:46 GMT via 1.1 varnish age 2428 x-cache HIT status 200 content-length 9262 x-amz-id-2 rrk8lvy4KdHDSEbuHwrQfNezdjHYKfeQGubIJh9t2hr+Rd53gbOxRS4g+5oHxgn039pJfGN2nl8= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:17 GMT server AmazonS3 x-timer S1581084287.895837,VS0,VE0 etag "6ffb0c78c505db5ceb6f372b601c4f40" strict-transport-security max-age=86400 x-amz-request-id A85CE6AAD3F5CB5C accept-ranges bytes content-type image/svg+xml x-cache-hits 180
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 6E9C	42 B 110 B	14ms 14ms	Image image/gif	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurts2DgnVlx8J8pLVt8nTzXcdj1bUba9zt1woz3dgQkcHyRPVJd6Wt10XWy_SXqBa7b8o20TrJJTdC5CC6KWz96ocT9uWPNnqCEt_231g&sig=Cg0ArKJSzCtjyi2nwXMZEAE&adk=2719141283&tt=-1&bs=1585%2C1200&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&p=0,0,90,728&mcvt=1056&rs=0&ht=0&tfs=272&tls=1328&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581084285529&dlt&rpt=85&isd=0&msd&ext&xdi=0&ps=1585%2C10344&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-2-12-12-0-0-0&tvt=1328&is=728%2C90&iframe_loc=http%3A%2F%2Fgzdfjspx.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200205 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:46 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame E0D3	0 0	75ms 54ms	Document text/html	151.101.113.108 FASTLY
General Check archive.org Show headers Download Go to Full URL http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055 Content-Length 506 Accept-Ranges bytes Date Fri, 07 Feb 2020 14:04:47 GMT Age 15999772 Connection keep-alive X-Served-By cache-jfk8123-JFK, cache-hhn4041-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 654086 X-Timer S1581084288.572162,VS0,VE0 Vary Accept-Encoding
GET H2	200	load-cookie.html elb.the-ozone-project.com/static/ Frame A5BF	0 0	35ms 34ms	Document text/html	52.16.230.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elb.the-ozone-project.com/static/load-cookie.html Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.16.230.80 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-230-80.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers :method GET :authority elb.the-ozone-project.com :scheme https :path /static/load-cookie.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer http://gzdfjspx.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers status 200 date Fri, 07 Feb 2020 14:04:47 GMT content-type text/html; charset=utf-8 content-length 10714 accept-ranges bytes cache-control no-cache, no-store, must-revalidate expires 0 last-modified Wed, 06 Nov 2019 14:48:04 GMT pragma no-cache vary Origin
GET H2	200	pd eu-u.openx.net/w/1.0/ Frame 2DDA Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1	0 0	37ms 37ms	Document text/html	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.174.3 / Resource Hash Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer http://gzdfjspx.com/ accept-encoding gzip, deflate, br cookie i=c6382182-e842-065c-1c9a-ea22b921baee|1581084287 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers status 200 vary Accept, Accept-Encoding set-cookie i=c6382182-e842-065c-1c9a-ea22b921baee|1581084287; Version=1; Expires=Sat, 06-Feb-2021 14:04:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1581084287|mOgikimWiygu; Version=1; Expires=Sat, 22-Feb-2020 14:04:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.174.3 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 07 Feb 2020 14:04:47 GMT content-type text/html content-length 374 content-encoding gzip via 1.1 google alt-svc clear Redirect headers status 302 set-cookie i=c6382182-e842-065c-1c9a-ea22b921baee|1581084287; Version=1; Expires=Sat, 06-Feb-2021 14:04:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.174.3 p3p CP="CUR ADM OUR NOR STA NID" location https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 date Fri, 07 Feb 2020 14:04:47 GMT content-length 0 via 1.1 google alt-svc clear
GET H/1.1	200 OK	showad.js ads.pubmatic.com/AdServer/js/ Frame E94B	0 0	130ms 56ms	Document text/html	23.210.249.92 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-92.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Last-Modified Tue, 04 Feb 2020 05:12:07 GMT ETag "13006b6-9f85-59db914d12ccf" Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 14955 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=37405 Expires Sat, 08 Feb 2020 00:28:12 GMT Date Fri, 07 Feb 2020 14:04:47 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	showad.js ads.pubmatic.com/AdServer/js/ Frame A4D8	0 0	126ms 54ms	Document text/html	23.210.249.92 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-92.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Last-Modified Tue, 04 Feb 2020 05:12:07 GMT ETag "13006b6-9f85-59db914d12ccf" Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 14955 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=37405 Expires Sat, 08 Feb 2020 00:28:12 GMT Date Fri, 07 Feb 2020 14:04:47 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 8324	0 0	75ms 55ms	Document text/html	151.101.113.108 FASTLY
General Check archive.org Show headers Download Go to Full URL http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol HTTP/1.1 Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://gzdfjspx.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055 Content-Length 506 Accept-Ranges bytes Date Fri, 07 Feb 2020 14:04:47 GMT Age 15999772 Connection keep-alive X-Served-By cache-jfk8123-JFK, cache-hhn4079-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 4503366 X-Timer S1581084288.589056,VS0,VE0 Vary Accept-Encoding
GET H2	200	load-cookie.html elb.the-ozone-project.com/static/ Frame 6547	0 0	35ms 35ms	Document text/html	52.16.230.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elb.the-ozone-project.com/static/load-cookie.html Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.16.230.80 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-230-80.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers :method GET :authority elb.the-ozone-project.com :scheme https :path /static/load-cookie.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer http://gzdfjspx.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers status 200 date Fri, 07 Feb 2020 14:04:47 GMT content-type text/html; charset=utf-8 content-length 10714 accept-ranges bytes cache-control no-cache, no-store, must-revalidate expires 0 last-modified Wed, 06 Nov 2019 14:48:04 GMT pragma no-cache vary Origin
GET H2	200	pd eu-u.openx.net/w/1.0/ Frame D248 Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1	0 0	34ms 34ms	Document text/html	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.174.3 / Resource Hash Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer http://gzdfjspx.com/ accept-encoding gzip, deflate, br cookie i=4873964d-851a-0287-097b-647bb60b5e68|1581084287 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://gzdfjspx.com/ Response headers status 200 vary Accept, Accept-Encoding set-cookie i=4873964d-851a-0287-097b-647bb60b5e68|1581084287; Version=1; Expires=Sat, 06-Feb-2021 14:04:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1581084287|mOgikimWiygu; Version=1; Expires=Sat, 22-Feb-2020 14:04:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.174.3 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 07 Feb 2020 14:04:47 GMT content-type text/html content-length 373 content-encoding gzip via 1.1 google alt-svc clear Redirect headers status 302 set-cookie i=4873964d-851a-0287-097b-647bb60b5e68|1581084287; Version=1; Expires=Sat, 06-Feb-2021 14:04:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.174.3 p3p CP="CUR ADM OUR NOR STA NID" location https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=4e3ec92f-8002-4730-a70d-da94c735a95f&gdpr=1 date Fri, 07 Feb 2020 14:04:47 GMT content-length 0 via 1.1 google alt-svc clear
GET H/1.1	204 No Content	2 ophan.theguardian.com/img/	0 336 B	31ms 31ms	Image text/plain	99.81.132.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ophan.theguardian.com/img/2?viewId=k6c8rbyvd8fz86y2ficr&register=%5B%7B%22name%22%3A%22most-popular%22%2C%22status%22%3A%22completed%22%2C%22endTime%22%3A%22148ms%22%7D%5D Protocol HTTP/1.1 Server 99.81.132.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-132-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 07 Feb 2020 14:04:47 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Cache-Control no-cache, no-store X-Content-Type-Options nosniff Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	english.svg uploads.guim.co.uk/2020/01/31/	8 KB 8 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/english.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7f4c9760a8c4244b0435d5ac61494c6c300b4547b80bd052c2cc843282901317 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:48 GMT via 1.1 varnish age 2429 x-cache HIT status 200 content-length 8197 x-amz-id-2 55DrHMdyazKXNxPNBYvf+rfx2UrIfwRDEDp+M7KV3NigRBq6qHwRTv63xME7naNwxfERtzOjcbY= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:16 GMT server AmazonS3 x-timer S1581084288.396143,VS0,VE0 etag "ce1d8012724d444b017616a3ec024faf" strict-transport-security max-age=86400 x-amz-request-id 7AFC194813986EAB accept-ranges bytes content-type image/svg+xml x-cache-hits 25
GET H2	200	french.svg uploads.guim.co.uk/2020/01/31/	11 KB 11 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/french.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f3b1a8eaeb12ee84af7c9bc4ad64e2fd07b179dfba022f27eab563faca17abc6 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:49 GMT via 1.1 varnish age 2412 x-cache HIT status 200 content-length 11073 x-amz-id-2 iW/yNEko7wIyXf8updIy6DQvGqjt5J2qK6yXH/6DZPjb7IeO8IzBL+NsUW54e5FXl+vmhDFVH3M= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:16 GMT server AmazonS3 x-timer S1581084290.897921,VS0,VE0 etag "d96d944d33ab1371b5e1cc68a05e1b14" strict-transport-security max-age=86400 x-amz-request-id C2420701A224C986 accept-ranges bytes content-type image/svg+xml x-cache-hits 178
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	95ms 94ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10188&asId=3876b674-1422-90f4-e31c-0131b1c590aa&tv={c:3y1f6X,pingTime:5,time:5113,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:87}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5113,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:87,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5043~100],as:[5043~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:96,fm:rPP6x18+11|12|13|14*.10188|141|142|15|16.10188|17|145.10249|165.10249,idMap:14.a3c43510-175d-0ad1-4678-77dc6b952ecf.35_10249|145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.27_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:50 GMT X-Server-Name dt13.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	93ms 92ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1f8K,pingTime:5,time:5083,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5083,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5044~100],as:[5044~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:180,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:50 GMT X-Server-Name dt04.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	91ms 91ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=a3c43510-175d-0ad1-4678-77dc6b952ecf&tv={c:3y1f8L,pingTime:5,time:5084,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:57}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5084,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:56,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5045~100],as:[5045~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:180,fm:rPP6x3p+11|12|13|14*.10249|141|142|143|15|16.10188|17|145.10249|165.10249,idMap:145.e05ec63c-9b64-c271-9715-ed311ea2aa0b.28_10249|14*,rend:1,renddet:IMG.qs,rmeas:1}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:50 GMT X-Server-Name dt21.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	188ms 179ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1fgO,pingTime:5,time:5193,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5193,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5116~100],as:[5116~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:96,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165.10249|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:51 GMT X-Server-Name dt04.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	187ms 178ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL http://dt.adsafeprotected.com/dt?anId=10249&asId=e05ec63c-9b64-c271-9715-ed311ea2aa0b&tv={c:3y1fgR,pingTime:5,time:5196,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:91}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5196,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:91,wc:0.0.1600.1200,ac:429.24.728.90,am:i,cc:429.24.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5119~100],as:[5119~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:96,fm:rPP6x9H+11|12|13|141|142|143|144|145*.10249|1451|146|15|161|162|163|164|165.10249|17,idMap:145*,rend:0,renddet:WINDOW,rmeas:0}&br=u Protocol HTTP/1.1 Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Feb 2020 14:04:51 GMT X-Server-Name dt21.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	polish.svg uploads.guim.co.uk/2020/01/31/	9 KB 9 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/polish.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 25dbcd6feb578c6f54e10c5d88a931fe25a99f06d8b7753a2ae16f8a9acaad01 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:51 GMT via 1.1 varnish age 2413 x-cache HIT status 200 content-length 9389 x-amz-id-2 kzkhx0kPXR3rDLQWJgO2X+Qf7cSlm/g3lOG6OBe1vxibuGnD2bhvJHqOC6uksMAN0PAWFo9Qt+w= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:17 GMT server AmazonS3 x-timer S1581084291.395929,VS0,VE0 etag "cac630bb23b00c7a8e4c1306781b156a" strict-transport-security max-age=86400 x-amz-request-id 81733CFFB1093167 accept-ranges bytes content-type image/svg+xml x-cache-hits 179
GET H2	200	english.svg uploads.guim.co.uk/2020/01/31/	8 KB 8 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/english.svg Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7f4c9760a8c4244b0435d5ac61494c6c300b4547b80bd052c2cc843282901317 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:52 GMT via 1.1 varnish age 2434 x-cache HIT status 200 content-length 8197 x-amz-id-2 55DrHMdyazKXNxPNBYvf+rfx2UrIfwRDEDp+M7KV3NigRBq6qHwRTv63xME7naNwxfERtzOjcbY= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:16 GMT server AmazonS3 x-timer S1581084293.896309,VS0,VE0 etag "ce1d8012724d444b017616a3ec024faf" strict-transport-security max-age=86400 x-amz-request-id 7AFC194813986EAB accept-ranges bytes content-type image/svg+xml x-cache-hits 26
GET H2	200	swedish.svg uploads.guim.co.uk/2020/01/31/	9 KB 9 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/swedish.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash dc0bb503029ac271cda9e54716451dc3dd4bd05a2589b59808c5a0a5dbd57c18 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:54 GMT via 1.1 varnish age 2430 x-cache HIT status 200 content-length 8725 x-amz-id-2 bVfns2wdeyC+wCRZTa6+J3LzvcouPISDQnbveiuKkunUatrY36WPLrwWCVLOr1eN6Z+phHwZ1BI= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:17 GMT server AmazonS3 x-timer S1581084294.396286,VS0,VE0 etag "f663451a000ca4005507e43e16834814" strict-transport-security max-age=86400 x-amz-request-id 7D1E10B3BF6238B8 accept-ranges bytes content-type image/svg+xml x-cache-hits 177
GET H2	200	dutch2.svg uploads.guim.co.uk/2020/02/03/	11 KB 11 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/02/03/dutch2.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 90365394c2b834446699658af6c7b66c799422651071cb5372ece1f11308024a Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:55 GMT via 1.1 varnish age 3321 x-cache HIT status 200 content-length 10824 x-amz-id-2 e+0D3gFSpkLYvHm+6fDA6YOr/CEooBMVl0POWVopb1hazcy3F34786dBaPtdq5AVh5WIJpEermI= x-served-by cache-fra19162-FRA last-modified Mon, 03 Feb 2020 11:53:20 GMT server AmazonS3 x-timer S1581084296.895872,VS0,VE0 etag "f6db1761cb131060a43b062f458143b8" strict-transport-security max-age=86400 x-amz-request-id F82EA8F229413A00 accept-ranges bytes content-type image/svg+xml x-cache-hits 237
GET H2	200	english.svg uploads.guim.co.uk/2020/01/31/	8 KB 8 KB	6ms 6ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/english.svg Requested by Host: gzdfjspx.com URL: http://gzdfjspx.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7f4c9760a8c4244b0435d5ac61494c6c300b4547b80bd052c2cc843282901317 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:57 GMT via 1.1 varnish age 2438 x-cache HIT status 200 content-length 8197 x-amz-id-2 55DrHMdyazKXNxPNBYvf+rfx2UrIfwRDEDp+M7KV3NigRBq6qHwRTv63xME7naNwxfERtzOjcbY= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 10:34:16 GMT server AmazonS3 x-timer S1581084297.396166,VS0,VE0 etag "ce1d8012724d444b017616a3ec024faf" strict-transport-security max-age=86400 x-amz-request-id 7AFC194813986EAB accept-ranges bytes content-type image/svg+xml x-cache-hits 27
POST H2	204	csi csi.gstatic.com/ Frame 9022	0 47 B	33ms 31ms	Other image/gif	2a00:1450:400c:c0c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=2~k6c8reqf&chm=1&ctx=2&gqid=fG49XsC7LM3igQevpZugDw&qqid=CMqim_nNv-cCFYO8ewod7XUHmQ&met.3=118.m7~118.oh~143.ot_1~118.q4~118.q6~118.q9~298.rl~155.qr_v~143.sa_1~118.sc~132.sc~118.si~132.si~132.si~118.sj~132.sj~118.sj~132.sk~118.v8~132.vb~132.vb~143.vj_1~143.vr~118.w1~132.w1~118.w1~132.w1~118.wb~132.wb~143.yc_1~143.yk~118.ym~132.ym~118.yn~132.yn~143.114_1~143.11d~118.11d~132.11e~118.11f~132.11f~143.13x_2~143.147~118.147~132.147~118.149~132.149~143.16t_1~143.16z_1~118.170~132.170~118.172~132.173~143.19m_1~143.19s~118.19s~132.19s~118.19v~132.19v~143.1cf_1~143.1ck~118.1cl~132.1cl~118.1cp~132.1cp~143.1f7_1~143.1fd_1~118.1fe~132.1fe~118.1fj~132.1fj~143.1i0_1~143.1i6~118.1i6~132.1i7~118.1if~132.1if~143.1kt_1~143.1ky~118.1kz~132.1kz~118.1l9~132.1l9~143.1nl_1~143.1nr~118.1nr~132.1ns~118.1o3~132.1o3~143.1qe_1~143.1qj~118.1qk~132.1qk~118.1qw~132.1qw~143.1t7_1~143.1tc~118.1tc~132.1td~118.1tp~132.1tp~143.1vz~143.1w4~118.1w5~132.1w5~118.1wi~132.1wi~143.1ys_1~143.1z6~118.1z7~132.1z7~118.1zb~132.1zb~143.21l~143.21z~118.21z~132.21z~118.224~132.225~143.24d~143.24r~118.24s~132.24s~118.24x~132.24y~143.27l_1~143.27q_1~118.27y~132.27z~118.281~132.281~143.2ai_3~143.2av_2~118.2b6~132.2b7~118.2b8~132.2b8~143.2dd_1~143.2dq~118.2dq~132.2dr~118.2dx~132.2dx~143.2g6_2~143.2gj_2~118.2go~132.2go~118.2gu~132.2gu~143.2j4_2~143.2je_1~118.2jf~132.2jg~118.2jo_1~132.2jp~143.2ly_1~143.2m7_1~118.2m8~132.2m8~118.2mh~132.2mi~143.2or~143.2p0~118.2p0~132.2p0~118.2pa~132.2pa~143.2rj~143.2rs_1~118.2rt~132.2rt~118.2s3~132.2s3~143.2uc~143.2ul~118.2um~132.2um~118.2ux~132.2ux~143.2x4~143.2xe_1~118.2xe~132.2xf~118.2xq~132.2xq~143.2zx_1~143.306~118.307~132.307~118.30j~132.30j~143.32p_1~143.32z_1~118.330~132.330~118.33d~132.33d~143.35i~143.35t_2~118.35v~132.35w~118.36b_1~132.36c~143.38b~143.38n_1~118.38n~132.38o~118.393~132.393~143.3b3~143.3bf~118.3bg~132.3bg~118.3bw~132.3bw~143.3dw~143.3e8~118.3e8~132.3e9~118.3eq~132.3er~143.3gp~143.3h0~118.3h1~132.3h1~118.3hi~132.3hj~143.3jh~143.3jt~118.3jt~132.3ju~118.3kb~132.3kc~143.3ma_1~143.3ml_1~118.3mm~132.3mm_1~118.3n4~132.3n5~143.3p2~143.3pe~118.3pf~132.3pf~118.3py~132.3py~143.3rv~143.3s7~118.3s7_2~132.3s9~118.3st~132.3st~143.3uo~143.3uz~118.3v0~132.3v0~118.3vm~132.3vm~143.3xg~143.3xs_1~118.3xt~132.3xt~118.3yg~132.3yg~143.40c_2~143.40p_3~118.40s~132.40t~118.41e~132.41e~143.437_2~143.43s_2~118.43w~132.43w~118.447~132.448~143.461~143.46m_1~118.46n~132.46n~118.470~132.470~143.48t~143.49f_1~118.49g~132.49g~118.49t~132.49t~143.4bm~143.4c8_1~118.4c8~132.4c9~118.4cn~132.4cn~143.4ef_1~143.4f0_1~118.4f2~132.4f2~118.4fh~132.4fh~143.4h9_2~143.4iv_2~118.4jc~132.4jd~118.4je~132.4jf~143.4m3_3~143.4m7_2~118.4og~132.4oh~118.4ot_1~132.4ou~143.4r5_1~143.4r6_1~118.4rb~132.4rc~118.4rg~132.4rg~143.4ty_1~143.4tz~118.4u0~132.4u0~118.4u7~132.4u7~143.4wr~143.4ws~118.4ws~132.4ws~118.4x0~132.4x1~143.4zj_1~143.4zk~118.4zl~132.4zl~118.4zt~132.4zt~143.52c_1~143.52d_1~118.52e~132.52e~118.52n~132.52n~143.555_1~143.556_1~118.557~132.558~118.55h~132.55h~143.57y_1~143.57z~118.580~132.580~118.58a~132.58a~143.5ar_1~143.5as~118.5as~132.5at~118.5b3~132.5b3~143.5dk_1~143.5dk~118.5dl~132.5dl~118.5dw~132.5dw~143.5gc_1~143.5gd_1~118.5ge~132.5ge~118.5gq~132.5gq~143.5j5_1~143.5j6~118.5j6~132.5j7~118.5jj~132.5jj~143.5ly_1~143.5lz_1~118.5m1~132.5m1~118.5mc~132.5mc~143.5or_3~143.5ov_2~118.5p1~132.5p2~118.5pk~132.5pk~143.5rm_1~143.5rp_1~118.5rq~132.5rq~118.5sa~132.5sa~143.5ug_4~143.5uk_2~118.5uq~132.5uq~118.5vc~132.5vc~143.5xc_3~143.5xf_3~118.5xj~132.5xk~118.5y7~132.5y7~143.607_1~143.60b_1~118.60d~132.60d~118.610~132.611~143.630_5~143.63a_1~118.63e~132.63e~118.63u~132.63u~143.65x_1~143.663_1~118.664~132.664~118.66p~132.66p~143.68q~143.68w_1~118.68x~132.68x~118.69h~132.69h~143.6bj_1~143.6bp_1~118.6bq~132.6br~118.6cg~132.6ch~143.6ec_2~143.6ei_1~118.6ek~132.6el~118.6f8~132.6f9~143.6h6~143.6hc~118.6hc~132.6hd~118.6i1~132.6i2~143.6jz~143.6k5~118.6k5~132.6k5~118.6ku~132.6ku~143.6mr~143.6mx~118.6my~132.6my~118.6no~132.6np~143.6pk_1~143.6pq~118.6pq~132.6pq~118.6qh~132.6qh~143.6sd_2~143.6si_2~118.6so~132.6sp~118.6tf~132.6tg~143.6v7_2~143.6vd_3~118.6vg~132.6vh~118.6w7~132.6w8~143.6y1_2~143.6y8_2~118.6ya~132.6yb~118.6z8_1~132.6za~143.70w_2~143.712_2~118.715~132.715~118.722~132.723~143.73s_2~143.73x_2~118.73z~132.740~118.74z~132.74z~143.76m~143.76r~118.76r~132.76s~118.77x~132.77y~143.79e_1~143.79k_1~118.79l~132.79l~118.7ao~132.7ap~143.7c8_2~143.7cd_2~118.7cf~132.7cg~118.7dm~132.7dn~143.7f2_2~143.7f7_3~118.7fa~132.7fb~118.7gl~132.7gl~143.7hx_2~143.7i2_5~118.7i7~132.7i8~118.7jl_1~132.7jm~143.7kr_2~143.7kz_2~118.7l2~132.7l2~118.7mg~132.7mh~143.7nl_1~143.7nu_1~118.7nu~132.7nu~118.7pc~132.7pd~143.7qf_2~143.7qm_1~118.7qn~132.7qn~118.7s4~132.7s4~143.7t8_1~143.7tf_1~118.7tg~132.7tg~118.7ux~132.7uy~143.7w1_1~143.7w8~118.7w9~132.7w9~118.7xq~132.7xr~143.7yu_1~143.7z1~118.7z1~132.7z1~118.80k~132.80k~143.81m_1~143.81t~118.81u~132.81u~118.83d~132.83d~143.84f_1~143.84m~118.84m~132.84m~118.866~132.866~143.878_1~143.87e~118.87f~132.87f~118.894~132.895~143.8a1_3~143.8a9_3~118.8af~132.8ag~118.8bx~132.8bx~143.8cv_1~143.8d4~118.8d4~132.8d5~118.8eq~132.8eq~143.8fp_2~143.8fx_3~118.8g0_1~132.8g1~118.8hj~132.8hj~143.8ij_1~143.8is~118.8is~132.8it~118.8kb~132.8kc~143.8lc_1~143.8ll~118.8ll~132.8ll~118.8n4~132.8n5~143.8o4~143.8od~118.8od~132.8oe~118.8py~132.8py~143.8qx_1~143.8r6~118.8r6~132.8r6~118.8sr~132.8sr~143.8tq_1~143.8ty_1~118.8tz~132.8tz~118.8vk~132.8vk~143.8wj_1~143.8wr_1~118.8wr~132.8wr~118.8ye~132.8ye~143.8zb_1~143.8zj_1~118.8zk~132.8zk~118.916~132.916~143.924_1~143.92c~118.92d~132.92d~118.93z~132.93z~143.94x_1~143.955_1~118.955~132.955~118.96t~132.96t~143.97q_1~143.97x~118.97y~132.97y~118.99m~132.99m~143.9aj_1~143.9aq~118.9aq~132.9ar~118.9cf~132.9cf~143.9db_1~143.9di~118.9dj~132.9dj~118.9f8~132.9f8~143.9g4_1~143.9gb_1~118.9gc~132.9gc~118.9i1~132.9i1~143.9ix_1~143.9j4_1~118.9j5~132.9j5~118.9ku~132.9ku~143.9lq_1~143.9lx~118.9lx~132.9lx~118.9nr~132.9ns~143.9oi_3~143.9op_2~118.9ov_1~132.9ow~118.9qo~132.9qp~143.9rd_2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::5e Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://gzdfjspx.com/ Origin http://gzdfjspx.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 07 Feb 2020 14:04:57 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 204 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	finnish.svg uploads.guim.co.uk/2020/01/31/	8 KB 8 KB	6ms 5ms	Image image/svg+xml	2a04:4e42:3::367 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.guim.co.uk/2020/01/31/finnish.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d6882414494dfd1bd472c86efbf5d7a895332c1fd148dfbce7cec88b9ac07799 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer http://gzdfjspx.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 14:04:58 GMT via 1.1 varnish age 2413 x-cache HIT status 200 content-length 8439 x-amz-id-2 dmsMfGMHLzv13P30EBbmHArUG9hsYITxQbDnGHh31eVz217ny3j7pF8eaYZsTbD3PLQx+yssO1Y= x-served-by cache-fra19162-FRA last-modified Fri, 31 Jan 2020 11:56:42 GMT server AmazonS3 x-timer S1581084299.896324,VS0,VE0 etag "b80b84177816ac1b9874f555662a3bab" strict-transport-security max-age=86400 x-amz-request-id 0059C62B00A4C8B8 accept-ranges bytes content-type image/svg+xml x-cache-hits 176